On Tue, Dec 28, 2010 at 11:10 AM, Amol Ghotankar
wrote:
> Even I am searching for some better way in which authentication can be done
> using struts2 or spring security toghether.
You might want to look at Codehaus Redback. Even if you end up not
using it, you might find some ideas there.
(Red
Personally, I'd lean towards having showSales.action always show a report
specific to the current user.
Then the manager wouldn't click on showSales.action. She'd click on
showSalesSummary.action which would have a completely customized query.
-Brian
On Tue, Dec 28, 2010 at 3:25 PM, wrote:
Dave is right in that there are truly a dozen ways to do this. However,
Struts does not have an out-of-the-box solution governing user/role level
permissions. Does your company have a user user based permissions system in
house today where permissions are determined according to the user logged
i
I can elaborate on the requirement as follows,
Assume a simple action which is authorized to be called by sales dept people
only. i.e showSales.action
When a user from purchase dept tries to call this action then, an
interceptors will check whether the user in role has the authorization to
access
On Tue, Dec 28, 2010 at 11:10 AM, Amol Ghotankar wrote:
> Even I am searching for some better way in which authentication can be done
> using struts2 or spring security toghether.
>
> No direct or simple example to explain it working together.
>
> Specially for these two cases where
>
> 1. which u
Hello,
Even I am searching for some better way in which authentication can be done
using struts2 or spring security toghether.
No direct or simple example to explain it working together.
Specially for these two cases where
1. which user can access which action, is stored in database ->
authori
On Mon, Dec 27, 2010 at 8:36 AM, Jordi Fernandez
wrote:
> Have you considered Spring Security?
> http://static.springsource.org/spring-security/site/
No.. I'll have to read a bit more; but my first guess is that I'd have
to do some refactoring of some legacy code ( I need to use the same
underlyi
On Mon, Dec 27, 2010 at 8:59 AM, Dave Newton wrote:
> (Let me clarify slightly.)
>
OK, I think I understand. The Interceptor should check if the session
is authenticated, but should perform the Login. That's what I would
have done, so maybe that's what confused me.
Thanks for clearing that up.
(Let me clarify slightly.)
On Mon, Dec 27, 2010 at 8:38 AM, Dave Newton wrote:
> Why/how did it confuse you? Login shouldn't be /performed/ by an
> interceptor, an interceptor should check if a user has logged in for a given
> resource and if not redirect to a login page.
>
> The /action/ of log
Why/how did it confuse you? Login shouldn't be /performed/ by an
interceptor, an interceptor should check if a user has logged in for a given
resource and if not redirect to a login page.
The /action/ of logging in should be performed by an action.
I guess I'm not sure what you're trying to figur
Have you considered Spring Security?
http://static.springsource.org/spring-security/site/
On 27/12/2010 14:17, Greg Akins wrote:
I'm just starting to research the appropriate Struts2 way to do
Authorization/Authentication.
Looks like a LoginInterceptor on the default stack is the way to go
(th
11 matches
Mail list logo
