[EMAIL PROTECTED] wrote:
Hello!
I have got an application, where users are authenticated with ldap firstly.
Afterwards, there will be another database, which defines the roles, the user is
in. When the user is logged in, the roles are read from this table and should be
applied to struts, in order to use afterwards the tag isUserInRole.
My question now is:
How must I set the roles the user is actually in (a user could be in more than
one role at the same time), after the user has been logged in, that I can use
the tag isUserInRole in the jsp file for hiding or not some pieces of the page?
'isUserInRole' is a concept supplied by the standard Servlet APIs. If
you are using container managed security, the details of how you map
roles from your LDAP/database will be specific to the container you use.
If you *don't* use container managed security, the details will be even
less standard :-)
What authentication / authorization strategy are you implementing? One
way or another you will need to ensure that
HttpServletRequest.isUserInRole() is aware of your authorization data.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
