struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wild_oscar <mig...@almeida.at>
Subject Re: JAAS authorization with Struts
Date Mon, 02 Jul 2007 08:56:07 GMT

Oh, nice, I'll try to implement this then. I have read a lot about
authorization and authentication and am trying to decide the best
alternative for my struts based application (which can hopefully become my
standard in web app development). 

Thank you for the tip, I'll report to say how it is going.
Because I'm still rather new in the development process, what is the best
strategy for the filter implementation? Should I create a filter
specifically for this task or is there a "rule of thumb" in the creation of
filters so that they can be grouped together depending on some criterion
(life cycle phase when they're called, for example)?



Chris Pratt wrote:
> 
> Exactly.
>   (*Chris*)
> 
> On 6/29/07, wild_oscar <miguel@almeida.at> wrote:
>>
>>
>> Do you mean implementing a HttpServletRequestWrapper and overriding its
>> isUserInRole so that it finds the user and its roles in the httpsession
>> (where I stored the Principals)?
>>
>>
>>
>> Chris Pratt wrote:
>> >
>> > It uses the HttpServletRequest.isUserInRole() method.  One way to
>> populate
>> > this is with a Filter that wraps the request with an
>> > HttpServletRequestWrapper.
>> >   (*Chris*)
>> >
>> > On 6/29/07, wild_oscar <miguel@almeida.at> wrote:
>> >>
>> >>
> 
> 

-- 
View this message in context: http://www.nabble.com/JAAS-authorization-with-Struts-tf4000073.html#a11390663
Sent from the Struts - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message