Re: Security - From tradition to struts

2004-08-22 Thread Erik Weber
Thank you Susan. I have some plans to take a stab at some documentation. Unfortunately right now I have relentless clients, approaching deadlines and bills to pay! (yeah yeah, who doesn't?) And as far as security goes, I'm not qualified at this point, in my opinion. But, I'll get there. Erik S

Re: Security - From tradition to struts

2004-08-19 Thread struts lover
min = null; > Object obj = session.getAttribute( Constants.ADMIN > ); > if ( obj != null ) >admin = (User)obj; > return admin; > } > > } > > Regards > > - Original Message - > From: "Leandro Melo" <[EMAIL PROTECTED]> > To:

Re: Security - From tradition to struts

2004-08-19 Thread struts Dude
--- Original Message - From: "Leandro Melo" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Friday, August 20, 2004 1:20 AM Subject: Re: Security - From tradition to struts > Thank you very much for your time Erik, I'll try to >

RE: Security - From tradition to struts

2004-08-19 Thread Daniel Perry
o stop you forgetting to make the required security calls at the beginning of the subclassed action! Daniel. > -Original Message- > From: Susan Bradeen [mailto:[EMAIL PROTECTED] > Sent: 19 August 2004 15:17 > To: Struts Users Mailing List > Subject: Re: Security - From tradition

Re: Security - From tradition to struts

2004-08-19 Thread Susan Bradeen
Excellent explanation, Erik. Consider adding this to the Struts Wiki for posterity? Must be a place for it in there somewhere ... Erik Weber <[EMAIL PROTECTED]> wrote on 08/19/2004 08:31:08 AM: > Sorry, by "hand-rolled" I just mean one that is written specifically for > the application (writt

Re: Security - From tradition to struts

2004-08-19 Thread Leandro Melo
Thank you very much for your time Erik, I'll try to get some study around it!!! I don't know if it's possible (probably not, I know...), but if you could send me your LogonAction class (and associated stuff) that would be awesome! But if you can't, that's all right, I completely understand! Regards, Leandr

Re: Security - From tradition to struts

2004-08-19 Thread Erik Weber
Sorry, by "hand-rolled" I just mean one that is written specifically for the application (written by you). The general idea is something like this: Make a BaseAction class. Implement a checkLogin method in the BaseAction class that looks in the current request's HttpSession for a "User" object,

Re: Security - From tradition to struts

2004-08-19 Thread Leandro Melo
Erik, I don't quite understand what you call a hand-rolled java component (maybe because of my English). Anyway, it seems to me that you're not using JAAS to completely control the application's security, are you? I don't know if it's possible, but if so, would you post your setup and basic classes? I'm ve

Re: Security - From tradition to struts

2004-08-18 Thread Erik Weber
I don't really consider myself an expert here, but I dare say that there are a lot of webapps deployed out there using programmatic (hand-rolled) security successfully. I have used the approach with success. What exactly the advantages are to using container-managed security I am not able to fu

Re: Security - From tradition to struts

2004-08-18 Thread Leandro Melo
So Erik, is it a common and usual approach to do login outside of Struts (ordinary JSPs), and then use Struts afterwards??? --- Erik Weber <[EMAIL PROTECTED]> wrote: > Leandro, search the archives of this List for > "JAAS". I participated in > a thread about this within the last two months.

Re: Security - From tradition to struts

2004-08-18 Thread Erik Weber
Leandro, search the archives of this List for "JAAS". I participated in a thread about this within the last two months. I'm not sure if I understand exactly what you want to do, but if you want to use container-managed security, I don't know of a way to have your login screen be part of Struts.

Re: Security - From tradition to struts

2004-08-18 Thread Leandro Melo
Or I just extend the DatabaseServerLoginModule class and leave an empty class --- Leandro Melo <[EMAIL PROTECTED]> wrote: > Just complementing my question... > > Would it be fair if I copy JBoss' > DatabaseServerLoginModule code and place it inside > an > Action??? > > This way, I'll

Re: Security - From tradition to struts

2004-08-18 Thread Leandro Melo
Just complementing my question... Would it be fair if I copy JBoss' DatabaseServerLoginModule code and place it inside an Action??? This way, I'll have an Action (for example, MyLoginAction) that does exactly what DatabaseServerLoginModule does. --- Leandro Melo <[EMAIL PROTECTED]> wrote: