struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roger Varley" <roger.var...@googlemail.com>
Subject Re: [S2] Newbie. Authentification Interceptors
Date Wed, 25 Apr 2007 09:30:40 GMT
On 25/04/07, Zoran Avtarovski <zoran@sparecreative.com> wrote:
> For what it's worth we use a combination of both JAAS and a custom
> AuthInterceptor.
>
> JAAS handles authentication and the AuthInterceptor manages authorisation.
> This leverages off the strength of JAAS and has the flexibility required for
> our needs.
>
> A couple of sources of useful information are:
>
> 1. the JAAS in Action book (free)
> 2. WebWork in Action
> 3. Mark Mernards Blog has good example of implementing an interceptor.
>

Thanks for the pointer to the JAAS in Action book. Would anyone care
to be a bit more specific in regard to the "inflexibility" of
container managed authentication/authorisation? Is it a case of the
interceptor approach being better across the board, or is there a
point at which the choice tips from container to interceptor?

Regards.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message