.xml) for resource
> authorization. Is this a good idea? Is it enough?
>
> -Oorspronkelijk bericht-
> Van: CRANFORD, CHRIS [mailto:chris.cranf...@setech.com]
> Verzonden: maandag 9 augustus 2010 15:50
> Aan: Struts Users Mailing List
> Onderwerp: RE: URL authentication
>
>
: URL authentication
Pattern A:
/unsecured/*
Run whatever unsecured interceptors on these. This would not include the
authentication interceptor or the allowed resource check interceptor. That's
because these are considered OPEN to everyone.
Pattern B:
/secured/*
Run the authentic
simply
logout and back in and the access is fixed.
Lots of ways to do it, but I would keep them separate.
Chris
> -Original Message-
> From: Dave Newton [mailto:davelnew...@gmail.com]
> Sent: Monday, August 09, 2010 6:23 AM
> To: Struts Users Mailing List
> Subject: Re:
user is not
> having access to a particular resource. This can also be built into the
> same interceptor, but you will have to supply the authorization table
> somehow - usually from an LDAP or RDBMS.
>
> - Rahul
>
>
>
> From:
> Guy Thomas
> To:
> Struts Users Mailin
to a particular resource. This can also be built into the
same interceptor, but you will have to supply the authorization table
somehow - usually from an LDAP or RDBMS.
- Rahul
From:
Guy Thomas
To:
Struts Users Mailing List
Date:
09-08-2010 11:47
Subject:
URL authentication
I am adding
I am adding authentication to a Struts2 web application by implementing an
authentication interceptor.
With an interceptor, as far as I understand, you can prevent non-authenticated
perons from accessing specific actions.
However, suppose somebody forwards a URL to a specific pdf-file to a
non-
6 matches
Mail list logo