struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Haulyn R. Jason" <>
Subject Re: Authentication way: Should I interceptor <s:url> or <s:a> before it render?
Date Tue, 19 Aug 2008 14:26:33 GMT
Dave Newton :
> --- On Tue, 8/19/08, Haulyn R. Jason wrote:
>> When our client login our system, I can create a List
>> contains privilege objects, it includes properties:action 
>> name and namespace, without a custom tag, how can I check 
>> whether this member should see the link? I mean, I do not 
>> know how to do it without writing Java code.
> I didn't say without writing a custom tag, I said without writing Java; the same functionality
could be in a JSP 2.0 tag file. And I didn't say it was the *best* idea, it's just another
> It doesn't matter, but I don't really get your access scheme; personally I would have
just assign a collection of roles to a user and the tag would check a user versus a role,
so in pseudo-code a "guarded link" would look like:
> <foo:userHasRole role="admin">
>   <a href="admin">Admin</a>
> </foo:userHasRole>
> This is only reasonable if there are a small-ish number of places this is needed, otherwise
as somebody else suggested it might be better to just render a completely different page.
> Dave
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:
Oh, Sorry,Dave
I know what's your meaning now.

I think I can do it like this:
1. when the member Login, I store a List<Privilege> in session scope
2. I will use Interceptor to protect my application
3. I will write a custom tag using Java, to validate whether a link 
should be displayed.
4. All my page, all components are dynamic, So I need to execute some 
logic in custom tags

What's your opinion?



Mobile: +086-15864011231

Haulyn Runner Jason

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message