| Author |
how to avoid multiple request attribute
|
Munish Dabra
Greenhorn
Joined: Nov 18, 2003
Posts: 19
|
|
I need to setup something more generic on application level for the scenario mentioned:
Any of my actions/Jsp can optionally set One or more particualr request attribute keys (different user ids etc ), on the basis of which I need to check some data specific security (to match the userid with current logged user )in AppGlobalAction(all action extends this action).
What I dont like is to get all these request attribute in AppGlobalAction and check everytime although we need this data specific security thing for only few actions.
Other thing Is there any better way to achieve this thing. Can we set request attibute in our action as an array or something like that . I dont want to define so many attribute with different names and check them all the time?
|
Munish Dabra<br />SCJP , SCWD
|
 |
Jeanne Boyarsky
internet detective
Marshal
Joined: May 26, 2003
Posts: 26168
|
|
Munish,
Take a look at servlet filters. You can do all the security checks in one place that way.
Also, you can put a SecurityUser object in the session instead of passing everything around in request attributes.
|
[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
|
|
 |
|
|
subject: how to avoid multiple request attribute
|
|
|
0
