struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From marc <wdkm...@wilson.dk>
Subject Re: How do I use JAAS(JbossSX) in Struts?
Date Wed, 08 Jun 2005 09:03:03 GMT
Sorry the late reply, had som problems with me mailserver last night.
*********************************************************************

Why do I need the /DB/home url in web.xml.

Is't this enough <url-pattern>/HelpDesk/bruger/*</url-pattern> in the
<security-constraint>?

Marc


Adam Hardy wrote:
> You need to put that /DB/home url pattern in your web.xml otherwise the 
> servlet container won't force you to login when requesting it.
> 
> 
> Adam
> 
> On 07/06/05 13:02&nbsp;marc wrote:
> 
>> Ok seems like it is not working well at all.
>>
>> Me login is logging me in ok. But it seems like neither me web.xml or 
>> my struts actions is looking in me roles.
>>
>> I have a admin user wdkmaol, that has the admin role. To test things I 
>> made this code in the login action:
>> **************************************************
>> Subject testsub = lc.getSubject();
>>             Set testset = testsub.getPrincipals();
>>
>>             Iterator ite = testset.iterator();
>>
>>             while (ite.hasNext()){
>>                 System.out.println("CYKLE CYKLE: 
>> "+ite.next().toString());
>>             }
>> ***************************************************
>> This prints out:
>> ***************************************************
>> CYKLE CYKLE: wdkmaol
>> CYKLE CYKLE: Roles(members:admin)
>> ***************************************************
>> So I should be in the right role.
>>
>>
>> Then I put this in me web.xml:
>> ***************************************************
>> <security-constraint>
>>         <web-resource-collection>
>>             <web-resource-name>Secure Content</web-resource-name>
>>             <url-pattern>/HelpDesk/bruger/*</url-pattern>
>>         </web-resource-collection>
>>         <auth-constraint>
>>             <role-name>admin</role-name>
>>         </auth-constraint>
>>         <user-data-constraint>
>>             <transport-guarantee>NONE</transport-guarantee>
>>         </user-data-constraint>
>>     </security-constraint>
>> ***************************************************
>> But there is no problem going to ****/HelpDesk/bruger/adduser, as the 
>> admin.
>>
>> Last but not least I didt this in some action's to test:
>> ***************************************************
>> <action path="/DB/home"
>>                 type="wilson.helpdesk.actions.menu.ToDbAction"
>>                 roles="admin">
>>             <forward name="home"
>>                      path=".dbcontrol.welcome"
>>                      redirect="false"/>
>>         </action>
>>
>> ***************************************************
>>
>> When I try to access this it comes back with:
>> ***************************************************
>> User is not authorized to access action /DB/home
>> ***************************************************
>> Even thow Im in the admin role.
>>
>>
>> Im I missing something??


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message