I wrote a "LoadApplication" action that executes after my user has
logged in. It checks the database to see what roes they have and it
fills the session with a few variables such as...
I am thinkng to do the same with filter is it possible?
I am using DispatchAction alot is it possible to allow a function action
like list and to deny create
tnx but i have never work with interceptor
Richard Sayre wrote:
I wrote a "LoadApplication" action that executes after my user has
logged in. It checks the database to see what roes they have and it
fills the session with a few variables such as
admin = true;
designer = false; etc.
by default they are all false.
Then I wrote an interceptor that checked their access from the
session. If they have access the Action they are requesting would
execute. If they did not have access I would redirect them to the
main page. You could also have the interceptor check the Database
directly. I am not a security expert, but this should be more secure
than storing those values in session. There will be more overhead in
checking the database before every action.
On 8/6/07, Jim Theodoridis <[EMAIL PROTECTED]> wrote:
Hello
I am using my own security manager to login to a struts application.
I am looking for a way to fires an action only when a user logs in
have the rights permissions
Any suggestions?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
