That is probably a good idea, I actually extended the existing one to
find required roles from an Annotation rather than the struts.xml
because I am trying to use "Zero Config." I also found a problem with
my solution, which is that the Servlet Filter does not seem to get
fired before JSPs are re
Thanks, that what was I was looking for. I will take a look at your
example,
but I'm also considering just writing my own RolesInterceptor ...
F
Quoting Josh Vickery <[EMAIL PROTECTED]>:
Flemming, if you are not using JAAS, and don't want to interact with
it, you can fake it by wrapping th
Flemming, if you are not using JAAS, and don't want to interact with
it, you can fake it by wrapping the HttpServletRequest in a servlet
filter. This is the method used by SecurityFilter
(http://securityfilter.sourceforge.net/) and is very easy to
implement.
Here are some code snippets:
A filter
> Am I missing something? I have a working version of an AuthInterceptor, but
> still no examples on how to control isUserInRole().
To control the isUserInRole() you will have to look at your Servlet
container and customise the AuthInterceptor to interact with your
container's implementation of
Hi Flemming,
On 02/05/07, Flemming Seerup <[EMAIL PROTECTED]> wrote:
Am I missing something? I have a working version of an AuthInterceptor, but
still no examples on how to control isUserInRole().
On manning.com I found a lightbody_src.zip from WW in action, but it doesn't
handle roles.
Could
]>
To:
Sent: Wednesday, May 02, 2007 8:59 AM
Subject: Re: [S2] populating user roles
Am I missing something? I have a working version of an AuthInterceptor,
but
still no examples on how to control isUserInRole().
On manning.com I found a lightbody_src.zip from WW in action, but it
doesn't
Am I missing something? I have a working version of an AuthInterceptor, but
still no examples on how to control isUserInRole().
On manning.com I found a lightbody_src.zip from WW in action, but it doesn't
handle roles.
Could anybody tell me the location of Mark Mernards blog?
/Flemming
Quoti
Those are good pointers. The key is that it all depends on how you are
handling authentication and authorization, since there are so many
possible approaches.
For example, if you use container managed security, setting up the roles
is a matter of configuring your container appropriately. If yo
To achieve this we wrote a custom AuthInterceptor which we added to the
default stack, which adds some core authorisation functionality - add user
object (with roles) to the session, add a custom user menu (based on roles)
to the session and checks authorisation for the action.
It's pretty straigh
The easiest way I've found to do this is to write a ServletFilter that
wraps the HttpServletRequest with a class that implements the
isUserInRole method based on your database roles from an object you
populated and placed in the Session.
Josh
On 5/1/07, Flemming Seerup <[EMAIL PROTECTED]> wrote:
I would like to populate the user roles from a database during login, but have
not found any examples how to do so in Struts2.
I have found an example how to use RolesInterceptor to secure access to specific
actions, but no hints on how to populate the roles.
/Flemming
-
11 matches
Mail list logo
