kill your pride, share your knowledge with all
so to avoid a smart user that wants avoid the log in (in the same computer), he maybe simplely see the url and load any url, how http://.../app/someaction.do for example.
Regards,<br />Roshani
kill your pride, share your knowledge with all
Merrill
Consultant, Sima Solutions
Regards,<br />Roshani
You would only have to import the login form from where you want the login information of the user.
I wanted to ask, is this way of imposing security wrong? Is is not a simple way of achieving what we req?
kill your pride, share your knowledge with all
is this way of imposing security wrong? Is is not a simple way of achieving what we req?
Merrill
Consultant, Sima Solutions
You can certainly add code to each Action class, and that will work fine, but I'm naturally lazy and don't like the idea of changing every Action class. I'd much rather put the code in one place.
kill your pride, share your knowledge with all
Regards,<br />Roshani
Merrill
Consultant, Sima Solutions
You'll just have to do your homework and decide which you want to use.
I'd recommend using your own login page and writing a simple filter to check for a valid login with each page. It's much simpler than dealing with container managed authentication.
kill your pride, share your knowledge with all
how comentary, acegi , a security framework, can be used with realm.
and acegi is used for spring
Merrill
Consultant, Sima Solutions
write, revise, re-write, revise, again...<br />write, revise, re-write, revise, again...
kill your pride, share your knowledge with all
Well THAT's new! Comfort me, reliable tiny ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
|