struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alex hun <jitb...@singnet.com.sg>
Subject Re: Security and Struts
Date Wed, 11 Sep 2002 12:55:50 GMT
if it fits into my project requirement. i will be the guine pig then wink..thanks
all.

Darren Hill wrote:

> Nice .. thanks Todd.
>
> Anyone ever use this with Struts?
>
> -----Original Message-----
> From: tnist@bellsouth.net [mailto:tnist@bellsouth.net]
> Sent: September 10, 2002 12:41 PM
> To: Struts Users Mailing List
> Subject: Re: RE: Security and Struts
>
> Darren,
>
> Have you looked at the SecurityFilter project by Max Cooper?  Not sure what
> all you need to achieve but this project provides a fairly extensible
> Security module.  You can find it at:
> http://securityfilter.sourceforge.net/
>
> Regards,
> Todd G. Nist
> >
> > From: Darren Hill <dhill@724.com>
> > Date: 2002/09/10 Tue PM 12:23:53 EDT
> > To: 'Struts Users Mailing List' <struts-user@jakarta.apache.org>
> > Subject: RE: Security and Struts
> >
> > Michael ... I've tried the same and thought it was a little messy.
> >
> > I was hope to find an example to uses roles 'n' such.
> >
> > -----Original Message-----
> > From: Michael Lee [mailto:mleejr@hotmail.com]
> > Sent: September 10, 2002 11:13 AM
> > To: Struts Users Mailing List
> > Subject: Re: Security and Struts
> >
> >
> > They have a good login example in the example war in the struts/webapps
> dir.
> > That's the way I've done it in the past. The way I'm currently doing it is
> > to use container managed security. This means NOT using struts for
> > authorization/authentication (for J2EE security). Since your using JSP
> your
> > probably gonna do form base authentication so just post your form to
> > action="j_security_check" and make sure your form username and password
> > fields are j_username and j_password appropriately. Check your container
> > documentation for how to hook this into its security model.
> > I'm currently actually having a problem with this in that I need for the
> > user information to be stored in the session at login. I may just put a
> tag
> > at the top of every page but that seems to get rid of the 'niceties' of
> > using J2EE security. I want to set the locale based upon the loaded user
> > object. Problem is, it goes right to the requested jsp page after login
> > without loading the user and his preferences. Not sure how I'm going to
> > handle this but in the mean time, that is how I handle security.
> > Mike
> >
> >
> > ----- Original Message -----
> > From: "Darren Hill" <dhill@724.com>
> > To: "'Struts Users Mailing List'" <struts-user@jakarta.apache.org>
> > Sent: Tuesday, September 10, 2002 10:24 AM
> > Subject: Security and Struts
> >
> >
> > > Hey all,
> > >
> > > I'm looking for a job document and example about best practices in
> > > implementing security in struts.
> > > I've got the general idea about placing all my JSP's under WEB-INF, but
> a
> > > doc/example might really solidify it for me.  Thanks in advance.
> > >
> > > Darren.
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <mailto:struts-user-unsubscribe@jakarta.apache.org>
> > > For additional commands, e-mail:
> > <mailto:struts-user-help@jakarta.apache.org>
> > >
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:struts-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail:
> > <mailto:struts-user-help@jakarta.apache.org>
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:struts-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail:
> <mailto:struts-user-help@jakarta.apache.org>
> >
> >
>
> --
> To unsubscribe, e-mail:
> <mailto:struts-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:struts-user-help@jakarta.apache.org>
>
> --
> To unsubscribe, e-mail:   <mailto:struts-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:struts-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:struts-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:struts-user-help@jakarta.apache.org>


Mime
View raw message