Thank you, Dave.
I think Martin misunderstood me. I was planning to store everything in
the session anyway. What I would like to know is _what_ I have to store
and _how_ to invoke the right action later in order to make the login
stuff transparent.
Maybe I am also going to check out Spring Security, as Wes suggested,
but ATM I am using my own little AuthenticationInterceptor that supplies
every Action (if desired) with the UserLogin-bean and redirects to the
login-action if the bean is mandatory (indicated by annotation). It's
working nicely, and I would like to keep it :-)
Greetings,
~Andreas
Dave Newton schrieb:
Martin Gainty wrote:
1)store in db
2)if static.. place in properties file
3)you can use OGNL to place values into 'application' scope
...
3) Seems like 'session' would be more appropriate since we're talking
about storing an individual user's request, to be re-used after a login.
And it would be put into session by the interceptor that checked if the
user was logged in, which wouldn't do it via OGNL.
2) It's unlikely a user's request would be known in advance.
1) I can't think of any reason why I'd want to store the request in a DB
since it only needs to persist over login attempts.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
