struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Torgeir Veimo <>
Subject Re: best practices for logging in
Date Sun, 24 Feb 2002 16:35:46 GMT
>     has anyone encountered special cases where they've had to come up with some 
>     unique way of handling logins?

Why not use container managed authentication?

You don't need to protect your pages statically using statements in web.xml.

If you need to protect specific pages, then redirect to a login page (or 
a page protected by a statement in web.xml) when necessary. You can 
check if someone is logged in by checking if request.getUserPrincipal() 
returns null or not.


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message