There is no reason why I cannot, I just wanted to attempt a struts-only
approach because then the security realm/namespace is declared along with
the rest of my actions. With container managed security I may easily forget
to synchronize the web.xml and struts files. Not a big problem though.

- Jae

On 4/2/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jae,

Jae K wrote:
> Chris,
>
> Thanks for your input. SecurityFilter was on my list as well, and I
think
> it's what I will go for. I'm surprised that noone else is familiar with
> this particular problem though.

Note that securityfilter and the AAA built into Tomcat both support this
feature of sending the user to the originally-requested resource
(including POST data) after a login.

Is there a reason why you cannot use container-managed authentication
and authorization?

- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGEYQA9CaO5/Lv0PARAj0ZAJ9k0jGJvCMCYAQ+L+s5Pn+V6BHzawCfXEji
G/RzmkTlGi5cM0UhulM99Ws=
=GtPw
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


Reply via email to