struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: How do I use JAAS(JbossSX) in Struts?
Date Wed, 08 Jun 2005 10:24:08 GMT
I don't know! It's not clear what you want.

Let me turn the question round:  in your web.xml why do you think that 
protecting /HelpDesk/bruger/* should also protect /DB/home?


Adam

PS: as an OO developer, your action class's name "ToDBAction" makes me 
writhe in agony - hoping I'm not being patronising - before you write an 
app that does more than "hello world", you should check out the 
commonest design patterns and start using a decent naming and coding 
convention - to avoid pain later.

On 08/06/05 10:03&nbsp;marc wrote:
> Sorry the late reply, had som problems with me mailserver last night.
> *********************************************************************
> 
> Why do I need the /DB/home url in web.xml.
> 
> Is't this enough <url-pattern>/HelpDesk/bruger/*</url-pattern> in the
> <security-constraint>?
> 
> Marc
> 
> 
> Adam Hardy wrote:
> 
>> You need to put that /DB/home url pattern in your web.xml otherwise 
>> the servlet container won't force you to login when requesting it.
>>
>>
>> Adam
>>
>> On 07/06/05 13:02&nbsp;marc wrote:
>>
>>> Ok seems like it is not working well at all.
>>>
>>> Me login is logging me in ok. But it seems like neither me web.xml or 
>>> my struts actions is looking in me roles.
>>>
>>> I have a admin user wdkmaol, that has the admin role. To test things 
>>> I made this code in the login action:
>>> **************************************************
>>> Subject testsub = lc.getSubject();
>>>             Set testset = testsub.getPrincipals();
>>>
>>>             Iterator ite = testset.iterator();
>>>
>>>             while (ite.hasNext()){
>>>                 System.out.println("CYKLE CYKLE: 
>>> "+ite.next().toString());
>>>             }
>>> ***************************************************
>>> This prints out:
>>> ***************************************************
>>> CYKLE CYKLE: wdkmaol
>>> CYKLE CYKLE: Roles(members:admin)
>>> ***************************************************
>>> So I should be in the right role.
>>>
>>>
>>> Then I put this in me web.xml:
>>> ***************************************************
>>> <security-constraint>
>>>         <web-resource-collection>
>>>             <web-resource-name>Secure Content</web-resource-name>
>>>             <url-pattern>/HelpDesk/bruger/*</url-pattern>
>>>         </web-resource-collection>
>>>         <auth-constraint>
>>>             <role-name>admin</role-name>
>>>         </auth-constraint>
>>>         <user-data-constraint>
>>>             <transport-guarantee>NONE</transport-guarantee>
>>>         </user-data-constraint>
>>>     </security-constraint>
>>> ***************************************************
>>> But there is no problem going to ****/HelpDesk/bruger/adduser, as the 
>>> admin.
>>>
>>> Last but not least I didt this in some action's to test:
>>> ***************************************************
>>> <action path="/DB/home"
>>>                 type="wilson.helpdesk.actions.menu.ToDbAction"
>>>                 roles="admin">
>>>             <forward name="home"
>>>                      path=".dbcontrol.welcome"
>>>                      redirect="false"/>
>>>         </action>
>>>
>>> ***************************************************
>>>
>>> When I try to access this it comes back with:
>>> ***************************************************
>>> User is not authorized to access action /DB/home
>>> ***************************************************
>>> Even thow Im in the admin role.
>>>
>>>
>>> Im I missing something??
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message