struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Max Cooper" <...@maxcooper.com>
Subject Re: Security Filter and ActionForm
Date Sat, 11 Jan 2003 09:27:37 GMT
The latest release of SecurityFilter (securityfilter-1.0-b5) has been fixed
to allow requests to the login and error pages even if they match a security
constraint. This matches the behavior of the containers I tested.

It also has some security fixes, so I recommend all users upgrade to the
latest version. You can download it here:
http://sourceforge.net/project/showfiles.php?group_id=59484&release_id=13181
3

-Max

----- Original Message -----
From: "Arnesen, Geir" <geir.arnesen@aftenposten.no>
To: "Struts Users Mailing List" <struts-user@jakarta.apache.org>;
<technomage@attbi.com>
Sent: Saturday, January 11, 2003 12:55 AM
Subject: SV: Security Filter and ActionForm


We use this consept. The loginform is unsecured (not filtered). When
trying to access a secured page with no session (this is checked by the
filter), - the request is forwarded to the loginpage. After successfull
logon, - you are sent to the originally selected page. If the logon
fails,- you gets the errror, - i.e. logon failed...

Geir





--
To unsubscribe, e-mail:   <mailto:struts-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:struts-user-help@jakarta.apache.org>


Mime
View raw message