struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Navjot Singh <navjo...@net4india.net>
Subject Re: How to implements Role Based Access Control in Struts ?
Date Fri, 25 Jun 2004 09:42:10 GMT
you may better try securityfilter.sf.net or jGurad


Lesaint Sébastien wrote:

> Hi,
> 
> I was just looking into Pow2ACL, I wonder if this solution is up to date,
> looks like the last release came out in 2002. It is said it is integrated
> with Struts, but if it is that old, I wonder if it does work with the last
> releases of Struts.
> 
> Anybody using Pow2ACL with struts around here? I would really appreciate
> opinions about this product.
> 
> Thanks
> 
> -----Message d'origine-----
> De : David Friedman [mailto:humble@ix.netcom.com] 
> Envoyé : vendredi 25 juin 2004 03:51
> À : Struts Users Mailing List
> Objet : RE: How to implements Role Based Access Control in Struts ?
> 
>>>From a database?  Pow2ACL.
> http://pow2acl.sourceforge.net
> 
> -----Original Message-----
> From: javen fang [mailto:fajaven2000@yahoo.com.cn]
> Sent: Thursday, June 24, 2004 9:41 PM
> To: Struts Users Mailing List
> Subject: Re: How to implements Role Based Access Control in Struts ?
> 
> 
> Thank you, bill.
> 
> I have seen the SecurityFilter project. It seems that
> it is replacer to Container Management Security, and
> it is based securityfilter-config.xml file. But I need
> to obtain roles information from database, my customer
> can insert a role, and determine which permission the
> role has.
> 
> thanks all the same.
> 
> Can you give me another advice? 
> 
>  - javen fang
> 
> --- Bill Siggelkow <billsigg@bellsouth.net> wrote:
> 
>>If container-managed security is to limiting for you
>>but you still want 
>>to use the <logic:present role="..."> tag then you
>>might want to look 
>>into SecurityFilter
>>(http://securityfilter.sourceforge.net). There are a
>>
>>lot of pros and cons when choosing a security
>>mechanism. SecurityFilter 
>>allows many conveniences offered by
>>container-managed security (like 
>>being able to use "request.isUserInRole(...)" etc.
>>yet still allow a 
>>custom solution.
>>
>><shameless-plug>
>>I provided the initial draft for the Struts Security
>>chapter of Struts: 
>>The Complete Reference (Osborne) by James Holmes. I
>>cover a lot of these 
>>   details in this chapter.
>></shameless-plug>
>>
>>Let me know if you have more specific questions: I
>>will be glad to help :)
>>
>>Bill Siggelkow
>>
>>javen fang wrote:
>>
>>
>>>Hi , all:
>>>
>>>I have queried this mailing list, and I get some
>>>discusses about RBAC ( Role Based Access Control )
>>
>>in
>>
>>>struts. I understand that <logic:present
>>
>>role="...">
>>
>>>in JSP page and "role" attribute in ActionMapping
>>
>>are
>>
>>>all prepared with Container Management Access
>>
>>Control,
>>
>>>etc, JDBCRealm.
>>>
>>>But it seems that what I need is not Container
>>>Management Access Control,because CMAC is
>>
>>configured
>>
>>>in config file(etc, server.xml,web.xml) , but I
>>
>>want
>>
>>>to let customer config user roles in dynamic
>>
>>way,and
>>
>>>the user roles infomation is read from database. 
>>>
>>>So,how can I implements RBAC with struts. can you
>>
>>give
>>
>>>me some advice?
>>>
>>>thanks, javen
>>>
>>>
>>>		
>>>__________________________________
>>>Do you Yahoo!?
>>>Yahoo! Mail - 50x more storage than other
>>
>>providers!
>>
>>>http://promotions.yahoo.com/new_mail
>>
>>
>>
> ---------------------------------------------------------------------
> 
>>To unsubscribe, e-mail:
>>user-unsubscribe@struts.apache.org
>>For additional commands, e-mail:
>>user-help@struts.apache.org
>>
> 
> 
> 
> 
> 		
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message