After further testing, it looks like even without tiles, the strut2
action mapping is not secured with Acegi/Spring Security (as of version
2.0.1, Struts version 2.0.11). As far as I can tell, it has to do with
the FilterDispatcher (Struts2) always forwarding to ActionProxy class to
process work (hence the Spring Security Filter never knows of the request)
Antonio Petrelli wrote:
2008/5/13 Alberto A. Flores <[EMAIL PROTECTED]>:
I would, but it seems to me like there is little that can be done on the
Struts2 side (unless a plugin of some sort is written). Essentially, when
control is forwarded to the tile, Spring security can not do much (or maybe
I'm missing something).
I see...
The Spring Security team is well aware of (as far as forwards), that
resources are not secured on forwards (which sucks, really, unless I'm doing
something terribly wrong).
Great, at least the bug is not at Struts or Tiles side :-)
I'll see if I can create a subset of my current app describing the problem.
Probably would post a war file? Is that what you meant?
Exactly, with the source.
Antonio
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Alberto A. Flores
http://www.linkedin.com/in/aflores
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
