[jboss-user] [JBoss Seam] - Preventing direct access to pages
waynebagguley
do-not-reply at jboss.com
Tue Mar 20 06:08:47 EDT 2007
Is there a way of preventing a user manipulating the URL and accessing a page that should only be accessed by the result of an action on a session bean?
For example, I have two pages of data entry followed by a pdf generated by the iText component. If I am on page 1 or 2 then it is still possible for me to access page 3 (and get useless results) by manipulating the URL.
This seems like a serious flaw in Seam to me. It's possible that I am missing something obvious as I am fairly new to Seam and JSF.
Thanks.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4029688#4029688
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4029688
More information about the jboss-user
mailing list