Why not just specify the protected pages in your web.xml and let
Tomcat do this for you?
If that isn't flexible enough, I would do this as a servlet
filter.
Mark
Dola Woolfe wrote:
Hi,
I'm adding a level of security to my web applicaiton.
Certain pages are only available to certain users.
So the page first checks wither the user is authorized
to view it. If yes, it displays the page. Otherwise it
offers to login.
I don't want to do this with a (short) "if" and a
(long) "then" so I throw a MyAuthenticationException
and in ErrorPage.jsp have code: if (exception
instanceof MyAuthenticationException)
forward-to-login-page. (This saves me from having a
big "then" block on every page.)
Is it a good idea to handle flow this way?
Thanks!
Dola
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
