0

Hi i have a small application with spring and i've been adding security which is great but i need to allow temporary privileges to a specific client may generate an GUID to injecting into the URL, and send it to their email saying something like:

Hi we need you to fill some information before start working on your task, please visit:

http://mydomain.com/information/information.jsf?id=6bbdeb67986e405793fbf75dr1F692a1

.... just for an specific time or when they filled that information... but i haven't figure out how to do it.

DOes anyone has a good approach to do that?? it doesnt necesarilly has to be with Spring and JSF but that would help me a lot!

Thanks

Necronet
  • 6,704
  • 9
  • 49
  • 89

1 Answers1

1

Store a token in the database associated with the user's account that your application interprets as "Has special privilege to edit ticket #foobar", and remove the token once the user has submitted the form.

matt b
  • 138,234
  • 66
  • 282
  • 345
  • Same principle still applies - you store some sort of random token in the database which the anonymous user is given in the form of the link sent in the email. – matt b Mar 10 '11 at 01:40