struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eddie Bush <>
Subject Re: Security and Struts
Date Tue, 30 Jul 2002 19:30:37 GMT - look for "Realms".  If you're not 
using Tomcat, check the user documentation for your servlet container. 
 If you'd like the actual spec, it's available on sun's web site. 
 There's also a very good explaination of this mechanism to be found in 
"Java Servlet Programming" (Jason Hunter: O'Reilly) and "Java Server 
Pages" (Hans Bergsten: O'Reilly).

I simply refer to the books, myself - and the Tomcat site, of course. 
 Tomcat gives you the ability to configure your Realms (and their 
associated users/roles) in three formats right out of the box.  Those 
formats are:  flat-file (XML), JDBC, JNDI (LDAP).  If one of those does 
not suite your needs, you can "roll your own".  Other application 
servers implementations may allow different ways to actually implement 
this (I don't think there is a standard wrt the "Realms" in Tomcat - 
however accessing the information for a "logged-in" user *is* 
specifically layed out in the servlet specification).  Search for container-managed authentication :-) and check your 
servlet-container handbook/documentation.  I can't recommend those books 
highly enough either.  I think I reference the JSP book more than the 
servlet book for this particular topic though (just FYI).



Jacob Hookom wrote:

>Eddie, do you have a link for more?
>Jacob Hookom 
>Comprehensive Computer Science 
>University of Wisconsin, Eau Claire 

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message