what about something like this: Create a token using a UUID and add it to a database along with creation time and what the token should grant access to.
Send an email to the user with the url http://www.mysite.com/page?token=zxczxczxczxczxc When the user navigates to the url, create new session with the desired timeout. Check the creation time against current time for old urls. Either delete the token from the database, or mark it as expired So the user could access this url for 1 day for example and make decisions. Dave Newton-6 wrote: > > On Thu, Feb 3, 2011 at 7:17 AM, eRobot wrote: >> Thats a good point Dave, I could create a separate app for this as they >> will >> not need to see my web app, they only need to see the image and click a >> radio button to approve or not. >> >> Would you recommend a login approach or some kind of temporary url. >> I need security but would like to avoid issuing login details? > > Easiest would be to generate some sort of GUID associated with the > picture and email the person a link to it. You could either use a GUID > per photo, or per user, or whatever. > > It ain't perfect, but it might be "good enough", at least if you have > email addresses. > > Dave > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > > -- View this message in context: http://old.nabble.com/Struts2---Image-Approval-Process-tp30834627p30836134.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
