I am using Resin2.0. In our Intranet, all the user requests are directed to a servlet which does the authentication and redirects to the respective jsp files.
Created Jun 6, 2002
Stephen McConnell Actually an excellent design pattern is to create a base class like MyCompanyJSP as an abstract class. All JSP's will extend this class. Then, you can put an abstract
This is one way we do this at our shop.
_jspService(request, response)method in your MyCompanyJSP class.
You should place a "user" mediator in a "request" attribute each time the controller servlet is called that contains the user's authentication. Now, you can create "concrete"
doPost and doGetmethods which do authentication. Unless there is a valid "user" mediator in a "request" attribute and that user mediator validates the users ability to access that page, then the page is not displayed and forwards to a "not authorized" page.
If one just types in the URL, the "user" mediator is not available and the page access is not valid.
Digg
del.icio.us
Newsvine
Facebook
Google
LinkedIn
MySpace
Reddit
Slashdot
StumbleUpon
Technorati
Twitter
Windows Live
YahooBuzz
FriendFeed
Comment and Contribute
