struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zarar Siddiqi" <zar...@gmail.com>
Subject Re: Authentication and Authorization in S2
Date Mon, 20 Aug 2007 17:19:58 GMT
If you're using Spring, it's probably a great idea to use Acegi
Security to handle authentication/authorization.  I can't think of
anything it can't do.

http://www.acegisecurity.org/

There's also Berkano which doesn't do nearly as much as Acegi but can
handle most general AA problems:

http://berkano.codehaus.org/

Zarar


On 8/20/07, Roberto Nunnari <roberto.nunnari@supsi.ch> wrote:
> Hi all.
>
> I need to implement Authentication and Authorization in
> a S2 web application, and before reinventing the wheel, I'd
> like to ask the list for hints and advice.
>
> 1) Is there built-in support in Struts2 for Authentication and
> Authorization?
>
> 2) What are the best practices for AA in S2?
>
> 3) Is JAAS be a practical way in S2?
>
> More details:
> - The application lets the users dynamically register as members
> - In the application, the members can be part of one of two or three
> groups (roles)
> - unauthenticated users can only view some global data
> - authenticated users can change some of their own data
> - authenticated users can view some of other members data
> - the authenticated users can add global content
> - authenticated users in more privileged roles can change some global data
> - authenticated users in the admin role, can do anything
>
> Thank you.
>
> --
> Robi
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message