[jboss-user] [JBoss Seam] - Re: session handling of users
quilleashm
do-not-reply at jboss.com
Fri Dec 22 10:22:36 EST 2006
"ask4saif" wrote :
| how can i restrict users from unauthorized access of pages.
|
Probably use a servlet filter for your web application. The filter intercepts all requests to the URLs it is mapped to. If you place something in the session context when a login is succesful the filter can check for the lack of this in the session and block access.
Seam has a finer control mechanism for doing this via a custom interceptor if you only want to apply security to certain pages. See the docs.
"ask4saif" wrote :
| how can i redirect users to login page if their username does not exist in the session.
|
Use a RequestDispatcher in the filter described above to forward the request to the login page.
"ask4saif" wrote :
| how can i check if the form is submitted illeaglly.
|
Not sure what you mean by "submitted illegally"
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995887#3995887
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995887
More information about the jboss-user
mailing list