struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Graham" <dgraham1...@hotmail.com>
Subject RE: Disable Navigation
Date Thu, 12 Sep 2002 21:48:01 GMT
Sounds right except for the "pages check for" part.  I wouldn't have each 
jsp check for the valid login.  I would override ActionServlet's perform 
method and put the check in there.  This means all requests must go through 
the ActionServlet and you can't link directly to the JSPs (it's worth it 
though).

Dave


>From: "Cohan, Sean" <SCohan@goSPS.com>
>Reply-To: "Struts Users Mailing List" <struts-user@jakarta.apache.org>
>To: 'Struts Users Mailing List' <struts-user@jakarta.apache.org>
>Subject: RE: Disable Navigation
>Date: Thu, 12 Sep 2002 17:45:47 -0400
>
>Yes the app navigation, not the browser ;).
>
>For the former case, if I put it in a pop-up and they close it without
>changing the pw, I'd then have to worry about disabling the parent browser.
>I guess I could have the change password action complete the logon process
>and place the appropriate indicator in the session which pages would check
>for to see if the user is logged on.
>
>Sound right?
>
>-----Original Message-----
>From: David Graham [mailto:dgraham1980@hotmail.com]
>Sent: Thursday, September 12, 2002 5:35 PM
>To: struts-user@jakarta.apache.org
>Subject: Re: Disable Navigation
>
>
>Just to make sure, you're not disabling the browser navigation right?  Just
>the app's navigation?  Your users won't be pleased if you break their back
>button :-).
>
>You could probably use the HTTP_REFERER header attribute to tell where they
>came from.  You could also use the same jsp component but in the first case
>put it in a popup window without the navigation components.
>
>Dave
>
>
> >From: "Cohan, Sean" <SCohan@goSPS.com>
> >Reply-To: "Struts Users Mailing List" <struts-user@jakarta.apache.org>
> >To: 'Struts Users Mailing List' <struts-user@jakarta.apache.org>
> >Subject: Disable Navigation
> >Date: Thu, 12 Sep 2002 17:26:29 -0400
> >
> >For our app, if the user logs in for the first time or if the user's
> >password is 30 days old, we require that they change it immediately 
>logging
> >in.  So from the logon action we send them to a password.jsp.  But the 
>user
> >should also be able to go to password.jsp anytime after logging in from
> >(just about) any other jsp.
> >
> >For the former case, we would want to disable any navigation on
> >password.jsp.  And for the latter case enable the navigation.  How can I
> >distinguish when I should disable the navigation?  That is, how do I know
> >that they came from the logon action and not some other jsp?
> >
> >Or should I be using two separate password pages?
> >
> >Thanks.
> >
> >--
> >To unsubscribe, e-mail:
> ><mailto:struts-user-unsubscribe@jakarta.apache.org>
> >For additional commands, e-mail:
> ><mailto:struts-user-help@jakarta.apache.org>
>
>
>
>
>_________________________________________________________________
>Join the world's largest e-mail service with MSN Hotmail.
>http://www.hotmail.com
>
>
>--
>To unsubscribe, e-mail:
><mailto:struts-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail:
><mailto:struts-user-help@jakarta.apache.org>
>
>--
>To unsubscribe, e-mail:   
><mailto:struts-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: 
><mailto:struts-user-help@jakarta.apache.org>




_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com


--
To unsubscribe, e-mail:   <mailto:struts-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:struts-user-help@jakarta.apache.org>


Mime
View raw message