> From: Joao Batistella [mailto:joao-p-batistella@(protected)]
> 1. Put an include or tag in every page that checks this
> 2. Check this in my struts action
> 3. Use a servlet filtering to filter all .jsp or .do requests
> I'm thinking about adopting solution number 3. Is it the best aproach?

Yes. IMO 1 and 2 are way too late to be checking whether the user is
allowed to be there.

--
Wendy Smoak

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@(protected)
For additional commands, e-mail: struts-user-help@(protected)