Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Reusable but not visible to client components with Struts and Tiles?

 
Grigory O. Ptashko
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello.

I cannot understand how to implement the following. Suppose I want to make a tile that shows weather. I write a struts action for fetching the weather.
Then if I write something like



my weather tile will be inserted into the web page. But at the same moment if a client types in her browser:



It will also show the tile as html in her browser. But I do not want my clients to know what components do I have in my system. I want my components to be available only if I do



How can I achieve this? Please, I trying to understand but I fail all the time.

Thanks.
 
Jan Groth
Ranch Hand
Posts: 456
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well, tiles is to assemble your jsp fragments. it's not meant to be used to secure access.

should you want to avoid that users enter an action path directly, you need to secure the actions (typically with a mandatory login)

hope this helps,
jan
 
Grigory O. Ptashko
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jan,

I am asking about how to move some actions from users at all. It doesn't matter whether a user is registered or not. Just as like you move jsp pages to WEB-INF/jsp to prevent direct client's access to them.

I want to use some actions only from my jsp. Did you get the point?

Thanks.
 
Jan Groth
Ranch Hand
Posts: 456
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes, i think i got the point.

to my best knowledge, this is not possible unless you provide some mechanics that enable the action to distinguish / recognize its invoker.

a fairly easy approach would be to write an object into the session and let the action check its existence. if you don't want to call this a login, we can also name it foobar or so :-)

of course this can be done implicitly.

cheers,
jan
 
Consider Paul's rocket mass heater.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic