This week's book giveaway is in the Design forum.
We're giving away four copies of Building Microservices and have Sam Newman on-line!
See this thread for details.
The moose likes Servlets and the fly likes how to avoid multiple  request attribute Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "how to avoid multiple  request attribute " Watch "how to avoid multiple  request attribute " New topic

how to avoid multiple request attribute

Munish Dabra

Joined: Nov 18, 2003
Posts: 19
I need to setup something more generic on application level for the scenario mentioned:

Any of my actions/Jsp can optionally set One or more particualr request attribute keys (different user ids etc ), on the basis of which I need to check some data specific security (to match the userid with current logged user )in AppGlobalAction(all action extends this action).
What I dont like is to get all these request attribute in AppGlobalAction and check everytime although we need this data specific security thing for only few actions.
Other thing Is there any better way to achieve this thing. Can we set request attibute in our action as an array or something like that . I dont want to define so many attribute with different names and check them all the time?

Munish Dabra<br />SCJP , SCWD
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 32507

Take a look at servlet filters. You can do all the security checks in one place that way.

Also, you can put a SecurityUser object in the session instead of passing everything around in request attributes.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link:
subject: how to avoid multiple request attribute
It's not a secret anymore!