You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@struts.apache.org by bu...@apache.org on 2003/10/30 00:24:01 UTC

DO NOT REPLY [Bug 24235] New: - Secure html:link tag, plus module support.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24235>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24235

Secure html:link tag, plus module support.

           Summary: Secure html:link tag, plus module support.
           Product: Struts
           Version: Nightly Build
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: Custom Tags
        AssignedTo: struts-dev@jakarta.apache.org
        ReportedBy: garyashley@toughguy.net


I'd like to add a module="" attribute to the html:link and html:rewrite tags so 
that you can specify a different module to link to.  In addition, I'd like to 
enhance the link tag to provide a security mechanism.  The idea being that if 
you supply the action="" and/or module="" then the action mapping roles would 
be checked.  If the user was NOT in the required role, the link would not be 
written.

There are 2 options for the security feature.  Creating a SecureLinkTag, 
html:slink, that will provide the security mechanism by default.  The 2nd, 
would be to supply a secure="true/false" attribute to the html:link tag.

I will submit patches to the latest nightly build for consideration.  Thank 
you.

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org