F
Fred
Hello World.
Fact: The jsp redirect overides tomcat authentication.
expl: A User is in a page within its access rights, he clicks a button
that gets to a jsp page containing a redirect jsp tag to a location to
wich the user is not aloud access... Regarless of that fact, the user
gets access to the forbiden page.
Appache explains in their docs that because the page is required from
jsp page coding it considers it a programmer decision and not a user
one and therefore allows it.
All well and good but ... In most input pages, I use a request scope
bean
that enables me nicely to use the automatic get and set method within
the bean
to triger some validation. Is it possible to pass the content of a
request bean from one page to an other and keep the normal
authentification fonctionality?
maybe by ...
A) Pass a bean content through a http link (something like a redirect)
or
B) Using a button to go to another location without using a redirect
(and therefore avoiding the overide)
Thanks a lot
Fred
Fact: The jsp redirect overides tomcat authentication.
expl: A User is in a page within its access rights, he clicks a button
that gets to a jsp page containing a redirect jsp tag to a location to
wich the user is not aloud access... Regarless of that fact, the user
gets access to the forbiden page.
Appache explains in their docs that because the page is required from
jsp page coding it considers it a programmer decision and not a user
one and therefore allows it.
All well and good but ... In most input pages, I use a request scope
bean
that enables me nicely to use the automatic get and set method within
the bean
to triger some validation. Is it possible to pass the content of a
request bean from one page to an other and keep the normal
authentification fonctionality?
maybe by ...
A) Pass a bean content through a http link (something like a redirect)
or
B) Using a button to go to another location without using a redirect
(and therefore avoiding the overide)
Thanks a lot
Fred