struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Affonso <glis...@greywether.com>
Subject Re: How to restrict direct accessing .jsp and .do in struts webapp
Date Wed, 05 Dec 2007 17:51:10 GMT
SmokeTheSun wrote:
> Hi, 
>  
>  Iam working in Struts1.2 application development. In that i want to
> restrict 
>  direct access(through URL) for jsp pages or by calling .do action. 
>  
>  Specifically unauthenticated user must not access any pages. 

ACEGI is the current gold-standard for implementing 
authentication/authorization.

It's also a steep learning curve (particularly if you don't know/use 
Spring).


If your need is trivial, use container-based authentication like Martin 
suggested.  But if your need is non-trivial (or will soon grow to be 
non-trivial) take a close look at ACEGI.

- Gary

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message