Originally posted by Prakash Dwivedi:
Using filters would mean adding each secure resource to the web.xml in addition to the struts-config.xml, is that right?
depeneds, either u can have one generic filter which intercepts all the requests or u can add urls of all the secure locations in the web.xml and map them to your filter.
As you are using struts you can use RequestProcessor, Here u can check if the user is asking for secure site. If so check for User Id in the session.
Originally posted by Ngo Thanh Hien:
You should use Form based authentication (J2EE specification). This will help you protect your application by URL
Put the moon back where you found it! We need it for tides and poetry and stuff. Like this tiny ad:
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earthhttps://coderanch.com/t/751654/free-earth-friendly-heat-kickstarter