Oh, nice, I'll try to implement this then. I have read a lot about authorization and authentication and am trying to decide the best alternative for my struts based application (which can hopefully become my standard in web app development).
Thank you for the tip, I'll report to say how it is going. Because I'm still rather new in the development process, what is the best strategy for the filter implementation? Should I create a filter specifically for this task or is there a "rule of thumb" in the creation of filters so that they can be grouped together depending on some criterion (life cycle phase when they're called, for example)? Chris Pratt wrote: > > Exactly. > (*Chris*) > > On 6/29/07, wild_oscar <[EMAIL PROTECTED]> wrote: >> >> >> Do you mean implementing a HttpServletRequestWrapper and overriding its >> isUserInRole so that it finds the user and its roles in the httpsession >> (where I stored the Principals)? >> >> >> >> Chris Pratt wrote: >> > >> > It uses the HttpServletRequest.isUserInRole() method. One way to >> populate >> > this is with a Filter that wraps the request with an >> > HttpServletRequestWrapper. >> > (*Chris*) >> > >> > On 6/29/07, wild_oscar <[EMAIL PROTECTED]> wrote: >> >> >> >> > > -- View this message in context: http://www.nabble.com/JAAS-authorization-with-Struts-tf4000073.html#a11390663 Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
