You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Jerry Jalenak <Je...@LABONE.com> on 2002/07/18 16:32:06 UTC

Override processPreprocess or ActionServlet? (Best Practices)

Following a web application security presentation yesterday, it became
apparent to me that I needed to further my security model to ensure that a
user has a valid session at the beginning of every action.  What is the
recommended 'best practice' to do this?  Should I write a BaseAction that
extends Action?  extend the ActionServlet?  do something in
processPreprocess?  How is everyone else doing this?

Jerry Jalenak
Development Manager, Web Publishing
LabOne, Inc.

This transmission (and any information attached to it) may be confidential and is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient or the person responsible for delivering the transmission to the intended recipient, be advised that you have received this transmission in error and that any use, dissemination, forwarding, printing, or copying of this information is strictly prohibited. If you have received this transmission in error, please immediately notify LabOne at (800)388-4675.



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>