There is no reason why I cannot, I just wanted to attempt a struts-only approach because then the security realm/namespace is declared along with the rest of my actions. With container managed security I may easily forget to synchronize the web.xml and struts files. Not a big problem though.
- Jae On 4/2/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jae, Jae K wrote: > Chris, > > Thanks for your input. SecurityFilter was on my list as well, and I think > it's what I will go for. I'm surprised that noone else is familiar with > this particular problem though. Note that securityfilter and the AAA built into Tomcat both support this feature of sending the user to the originally-requested resource (including POST data) after a login. Is there a reason why you cannot use container-managed authentication and authorization? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGEYQA9CaO5/Lv0PARAj0ZAJ9k0jGJvCMCYAQ+L+s5Pn+V6BHzawCfXEji G/RzmkTlGi5cM0UhulM99Ws= =GtPw -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
