This content has been marked as final.
Show 2 replies
-
1. Re: session handling of users
quilleashm Dec 22, 2006 10:22 AM (in response to ask4saif)"ask4saif" wrote:
how can i restrict users from unauthorized access of pages.
Probably use a servlet filter for your web application. The filter intercepts all requests to the URLs it is mapped to. If you place something in the session context when a login is succesful the filter can check for the lack of this in the session and block access.
Seam has a finer control mechanism for doing this via a custom interceptor if you only want to apply security to certain pages. See the docs."ask4saif" wrote:
how can i redirect users to login page if their username does not exist in the session.
Use a RequestDispatcher in the filter described above to forward the request to the login page."ask4saif" wrote:
how can i check if the form is submitted illeaglly.
Not sure what you mean by "submitted illegally" -
2. Re: session handling of users
norman.richards Dec 22, 2006 11:15 AM (in response to ask4saif)If you can't wait for the seam security stuff, have a look at the Seam DVD Store app. I think it does a good job of showing how to accomplish programatic access control. It uses page actions in pages.xml to accomplish this.