JDBCRealm use causes series of kludges

[Brad Pardee <pa...@yahoo.com>]

Hi,

I have a struts application that requires
authentication.  I currently use JDBCRealm for this
but because of a series of work-arounds I think I must
use, I'm looking for a better method.  Here are my
kludges:

1) Default forwarding in an action just does a
forward, so if my original action doesn't need
authentication, but forwards to a jsp page that does,
the URL doesn't change so the page bypasses
authentication.  In order to get around this, I added
the init-param forward in my ActionServlet mapping to
use the RedirectingActionForward class.  This works,
but leads to my next problem...

2) Using RedirectionActionForward, all my actions that
have errors and stay on the current page have their
values erased if I use request scope.  Therefore, all
my pages have to use session scope to reuse previously
entered values.

3) I have a registration screen which automatically
logs in the user.  In order to do this, I save the
username/password in a session object.  On my login
page, I check if this object exists and if so set
these values as a couple of hidden fields and
automatically submit.

I'm somewhat of a struts newbie so I feel like I'm
probably missing the cleaner solution(s).  If anyone
has any thoughts, I would appreciate hearing them.

Regards,
Brad


__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - send holiday greetings for Easter, Passover
http://greetings.yahoo.com/

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>