Reputation: 41
struts2 prevent other users from performing an action
hello i am trying to write a web application with struts 2 the problem is that i am having an action like this http://localhost:8080/Onda_vol/suprimer?id=14 which allows user to delete a row from SQL with the id= 14 i am using session that doesn't allow people to enter the application with no permission
for example if i enter to http://localhost:8080/Onda_vol/index.jsp it will redirect me to http://localhost:8080/Onda_vol/login.jsp and will ask for username and password but the but when some one enter to http://localhost:8080/Onda_vol/suprimer?id=14 it redirects him to http://localhost:8080/Onda_vol/login.jsp but the row with the id=14 get deleted how can i prevent this from happening please don't tell me to use post instead of get cause the action is written like this
<th><a class="btn btn-danger" href="suprimer?id=<s:property value="id_vol" />"> suprimer</a></th>
ps: suprimer means delete
Upvotes: 0
Views: 49
Answers (1)
Reputation: 333
What you're looking for is Interceptors. See https://struts.apache.org/docs/interceptors.html on how to use them.
Upvotes: 1
Related Questions
- redirect after login with struts2
- Struts2 : Problem in redirecting From other site to myApplication
- can't change or add action in struts2
- j_security_check not redirecting to angular with # hash key
- Not able to redirect with href
- Struts2 Action Mapping Results in Error 404
- Struts2 Lifecycle of Action object
- response.sendRedirect doesn't keep track of ip
- Stop user from accessing a Struts2 action directly?