My question is regarding user session validation in a secure area of my app.
This is how my application works currently: I have an action class which checks if the user is logged on, and forward to login page if not. This is a simple solution, and was fine when only few pages required user validation. As the section of the site increased, I feel I need a better solution.
So finally, my question: How can I implement a better method by which I can specify which pages require user validation in struts config file?
yes, as far as i understand this will require config of your web.xml - but that's no problem, or?
what i am doing in my webapp (simplified) - i have a NotLoggedInAction which handels the login and writes the user into the session. all other actions subclass LoggedInAction and check if the user is in the session. if not, they redirect to an appropriate error page...
works like a charm :-)
Joined: Aug 24, 2005
wont that require configuration in web.xml along with struts config?
You'll need to add some stuff to the web.xml but not the struts-config.xml. Is that a problem?