struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roberto Nunnari <roberto.nunn...@supsi.ch>
Subject Authentication and Authorization in S2
Date Mon, 20 Aug 2007 17:12:00 GMT
Hi all.

I need to implement Authentication and Authorization in
a S2 web application, and before reinventing the wheel, I'd
like to ask the list for hints and advice.

1) Is there built-in support in Struts2 for Authentication and 
Authorization?

2) What are the best practices for AA in S2?

3) Is JAAS be a practical way in S2?

More details:
- The application lets the users dynamically register as members
- In the application, the members can be part of one of two or three 
groups (roles)
- unauthenticated users can only view some global data
- authenticated users can change some of their own data
- authenticated users can view some of other members data
- the authenticated users can add global content
- authenticated users in more privileged roles can change some global data
- authenticated users in the admin role, can do anything

Thank you.

-- 
Robi


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message