Re: URL authentication

2010-08-23 Thread Paweł Wielgus
.xml) for resource > authorization. Is this a good idea? Is it enough? > > -Oorspronkelijk bericht- > Van: CRANFORD, CHRIS [mailto:chris.cranf...@setech.com] > Verzonden: maandag 9 augustus 2010 15:50 > Aan: Struts Users Mailing List > Onderwerp: RE: URL authentication > >

RE: URL authentication

2010-08-09 Thread Guy Thomas
: URL authentication Pattern A: /unsecured/* Run whatever unsecured interceptors on these. This would not include the authentication interceptor or the allowed resource check interceptor. That's because these are considered OPEN to everyone. Pattern B: /secured/* Run the authentic

RE: URL authentication

2010-08-09 Thread CRANFORD, CHRIS
simply logout and back in and the access is fixed. Lots of ways to do it, but I would keep them separate. Chris > -Original Message- > From: Dave Newton [mailto:davelnew...@gmail.com] > Sent: Monday, August 09, 2010 6:23 AM > To: Struts Users Mailing List > Subject: Re:

Re: URL authentication

2010-08-09 Thread Dave Newton
user is not > having access to a particular resource. This can also be built into the > same interceptor, but you will have to supply the authorization table > somehow - usually from an LDAP or RDBMS. > > - Rahul > > > > From: > Guy Thomas > To: > Struts Users Mailin

Re: URL authentication

2010-08-09 Thread Rahul Mohan
to a particular resource. This can also be built into the same interceptor, but you will have to supply the authorization table somehow - usually from an LDAP or RDBMS. - Rahul From: Guy Thomas To: Struts Users Mailing List Date: 09-08-2010 11:47 Subject: URL authentication I am adding

URL authentication

2010-08-08 Thread Guy Thomas
I am adding authentication to a Struts2 web application by implementing an authentication interceptor. With an interceptor, as far as I understand, you can prevent non-authenticated perons from accessing specific actions. However, suppose somebody forwards a URL to a specific pdf-file to a non-