Thanks Laurie!
I have quite a few Struts and Tomcat books. What I wonder is exactly
where to set up JAAS. That's because I might have more than one app in
the same Tomcat5 server. So I wonder if for each database/application I
could configure JAAS separately, that is can I do it only within one
Struts apps use a separate database,tables for that specific struts
apps? If so what is the XML config file that I should have that? My
struts-config.xml?
Laurie Harper wrote:
C.F. Scheidecker Antunes wrote:
I am learning my ways through Struts having done Servlets and JSPs
before. In order to have authentication functionalities with my
Servlets I used to have a user table and a roles table. Once the user
logs in he/she would be authenticated with the user name, password
through Tomcat as it was configured with the database information,
table name, etc.
I would like to do pretty much the same with Struts. I have checked
the O'Reilly Struts Cookbook but, although it has great
authentication tips, it does not include a recipe to have
authentication with a database. Is there any article on how to
perform it with Struts? Any books that you would suggest?
So what I think is that I should have a model class to do this kind
of authentication rather than using the XML config files. However how
would I include all the roles in that class? Have a data structure
like a list maybe? That way I could always check for a specific role
for every JSP or action whether the user would be allowed or not. Any
thoughts?
You can set up container managed security in just the same was as
you've done previously, you don't need to do anything new or different
with Struts (provided container managed security gives you everything
you need). Once you have it setup you can tell Struts to restrict
access to actions based on roles through struts-config.xml.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]