This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
well, tiles is to assemble your jsp fragments. it's not meant to be used to secure access.
should you want to avoid that users enter an action path directly, you need to secure the actions (typically with a mandatory login)
hope this helps, jan
Grigory O. Ptashko
Joined: Jan 26, 2006
I am asking about how to move some actions from users at all. It doesn't matter whether a user is registered or not. Just as like you move jsp pages to WEB-INF/jsp to prevent direct client's access to them.
I want to use some actions only from my jsp. Did you get the point?
Joined: Feb 03, 2004
yes, i think i got the point.
to my best knowledge, this is not possible unless you provide some mechanics that enable the action to distinguish / recognize its invoker.
a fairly easy approach would be to write an object into the session and let the action check its existence. if you don't want to call this a login, we can also name it foobar or so :-)
of course this can be done implicitly.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: Reusable but not visible to client components with Struts and Tiles?