RE: Authentication and Authorization in S2

2007-08-24 Thread Arnaud Cogoluegnes
: jeudi 23 août 2007 18:22 À : Struts Users Mailing List Objet : Re: Authentication and Authorization in S2 What do you mean with "100% Struts 2 security"? As far I know, S2 does not have anything out-of-the-box regarding security. In my case, I had to manually develop a login act

Re: Authentication and Authorization in S2

2007-08-23 Thread Alvaro Sanchez-Mariscal
protects only *actions* and not data (i.e. which roles can see which > rows in the database). > > > -Message d'origine- > De: wild_oscar [mailto:[EMAIL PROTECTED] > Envoyé: jeudi 23 août 2007 16:15 > À: user@struts.apache.org > Objet: Re: Authentication and Auth

RE: Authentication and Authorization in S2

2007-08-23 Thread Arnaud Cogoluegnes
data (i.e. which roles can see which rows in the database). -Message d'origine- De : wild_oscar [mailto:[EMAIL PROTECTED] Envoyé : jeudi 23 août 2007 16:15 À : user@struts.apache.org Objet : Re: Authentication and Authorization in S2 How about AA with Struts2 only? I'm tryin

Re: Authentication and Authorization in S2

2007-08-23 Thread wild_oscar
;> ------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Alvaro Sanchez-Mariscal Arnaiz > Java EE Architect & Instructor > [EMAIL PROTECTED] > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Authentication-and-Authorization-in-S2-tf4300234.html#a12294512 Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Re: Authentication and Authorization in S2

2007-08-20 Thread Roberto Nunnari
Thank you very much Zarar and Alvaro for your hints. Yes. I'm using spring, and I'll take a look at Acegi, and maybe Berkano, too. Best regards. -- Robi. I'll take a look at the Alvaro Sanchez-Mariscal wrote: I agree. You should first try Acegi. If your auth needs are very specific, you ca

Re: Authentication and Authorization in S2

2007-08-20 Thread Alvaro Sanchez-Mariscal
I agree. You should first try Acegi. If your auth needs are very specific, you can always develop a custom interceptor. Alvaro. On 8/20/07, Zarar Siddiqi <[EMAIL PROTECTED]> wrote: > If you're using Spring, it's probably a great idea to use Acegi > Security to handle authentication/authorization

Re: Authentication and Authorization in S2

2007-08-20 Thread Zarar Siddiqi
If you're using Spring, it's probably a great idea to use Acegi Security to handle authentication/authorization. I can't think of anything it can't do. http://www.acegisecurity.org/ There's also Berkano which doesn't do nearly as much as Acegi but can handle most general AA problems: http://ber

Authentication and Authorization in S2

2007-08-20 Thread Roberto Nunnari
Hi all. I need to implement Authentication and Authorization in a S2 web application, and before reinventing the wheel, I'd like to ask the list for hints and advice. 1) Is there built-in support in Struts2 for Authentication and Authorization? 2) What are the best practices for AA in S2? 3)