struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Max Cooper" <>
Subject Re: Security Filter and ActionForm
Date Sat, 11 Jan 2003 09:27:37 GMT
The latest release of SecurityFilter (securityfilter-1.0-b5) has been fixed
to allow requests to the login and error pages even if they match a security
constraint. This matches the behavior of the containers I tested.

It also has some security fixes, so I recommend all users upgrade to the
latest version. You can download it here:


----- Original Message -----
From: "Arnesen, Geir" <>
To: "Struts Users Mailing List" <>;
Sent: Saturday, January 11, 2003 12:55 AM
Subject: SV: Security Filter and ActionForm

We use this consept. The loginform is unsecured (not filtered). When
trying to access a secured page with no session (this is checked by the
filter), - the request is forwarded to the loginpage. After successfull
logon, - you are sent to the originally selected page. If the logon
fails,- you gets the errror, - i.e. logon failed...


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message