I don't know the answer to your question but Acegi *is* a Spring subproject and will be renamed "Spring security". So now you only use ONE new technology... :)
-----Original Message----- From: Dave Newton [mailto:[EMAIL PROTECTED] Sent: den 11 oktober 2006 17:50 To: Struts Users Mailing List Subject: [Struts2] Canonical application-based, role-based authentication. What *is* the canonical way to do app- and role-based authentication like I used to with a custom RequestProcessor in Struts1? The way I have it now is via an action param with a csv list of roles and an interceptor that expects all actions to implement a getter for that parameter. I know there's the Acegi route, but I'm already getting yelled at because they found out Struts2 uses Spring and I was only allowed to use one new technology :/ I think Acegi might make them cut out their own spleens, but if it's the "best" option then I'll hand 'em the knife myself. TIA, Dave --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
