struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eddie Bush <ekb...@swbell.net>
Subject Re: Struts/Container-Managed Authentication Question
Date Sun, 28 Jul 2002 06:11:16 GMT
Here's something that comes to mind.  It's certainly less than idea, 
however it would provide a fair work-around:

Create a directory and place a security-constraint on it.  This 
directory would contain pages that did nothing but redirects.  You would 
sit down and plan out from where your users could login, and where they 
should be sent to when they login from that page/url.  Set your 
JSP/whatever pages up to redirect accordingly.  You'd have a 
proliferation of files though - OR - how is this:

Set up a page specifically with a security-constraint.  Obviously the 
user in the above scenario will have to be led to the login by a link - 
this scenario would be no different.  Your link would be dynamic and 
snag the request parameters out of the URL -- and tack one additional 
one on:  the url you wish to redirect to once you authenticate.  Now, 
your "let the user login" page would cause authentication to occur. 
 Then they get to see the page/action/watever you pointed them to that 
caused the login to begin iwth.  From THIS page/action/whatever you 
could get the parameter of where to send the user, and send them 
wherever you please - done deal.

Why would this not work, Craig?  (After following this for several days 
and mulling it over rather heavily, I see no reason it would not work, 
but, knowing you are far more knowledgable on this topic than am I, I 
expect there to be a reason :-)

HTH someone - and is a viable option!

Regards,

Eddie

P.S. - It would be portable too, I think!



--
To unsubscribe, e-mail:   <mailto:struts-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:struts-user-help@jakarta.apache.org>


Mime
View raw message