struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Benedict <paul4chris...@yahoo.com>
Subject RE: Changing Role Access to Actions on the Fly
Date Mon, 03 Jul 2006 19:50:54 GMT
Acegi Security can be used with anything. It protects URLs and no framework has a trademark
on those :)

"Stasica, Grzegorz" <grzegorz.stasica@delphi.com> wrote: 
Hi

Please mind that http://acegisecurity.org/ works on Spring not Struts.
There is possibility to use Struts in Spring but I don't suppose the
opposite is possible :-(



-----Original Message-----
From: Paul Benedict [mailto:paul4christ79@yahoo.com]
Sent: Monday, July 03, 2006 2:54 PM
To: Struts Users Mailing List
Subject: Re: Changing Role Access to Actions on the Fly

Joseph, modifying the user's permissions (not the struts action
mapping), is definitely the way to go. Your app should be able to run
with any framework, and so go with the advice I gave.

Also check out http://acegisecurity.org/

Paul

Thomas Joseph  wrote: Thank you Paul for
your comments,

Adding/removing Roles, adding/removing users to roles, then
permitting/forbidding various actions for these roles is what I want as
the
main feature of my App.

I have an idea of using filter that would do explicit permissions to
roles
on actions, based on configurations of role-action mappings from the
database. How good do you consider this design?

Any other/better design choices??

If other frameworks lack this and if this design goes good enough, I
would
like to roll out this one to the Open Source. :)

Thanks for your help and support

Thomas Joseph

----- Original Message -----
From: "Paul Benedict"

To: "Struts Users Mailing List"
Sent: Monday, July 03, 2006 2:48 PM
Subject: Re: Changing Role Access to Actions on the Fly


> I can say with mild confidence that the action mapping is "frozen"
once
loaded, and changes to it during runtime cannot be made. Since roles are
part of a mapping, it cannot be done.
>
> But don't let the framework stop you! Just because its automated
configuration features are frozen, doesn't mean you can't get around it.
If
you are willing to perform explicit role checking inside the action,
then
you can achieve what you're trying to do. Yes, you will be giving up the
XML
configuration, but, you're doing something very special; I don't even
know
if *ANY* framework allows something like this.
>
> In my opinion, you might search for a better solution. Perhaps dynamic
role changing is a symptom of a bad design. For instance, instead of
changing the role mapping, update the roles the user actually has --
that's
usually how security apps work: change the user, not the app :)
>
> Paul
>
> Thomas Joseph  wrote: I couldnt see any
replies, thats why I am adding up these comments.
>
> Actually I want the application users to create groups (roles), and
then
> assign access rights to various actions for this group. Later group
> membership/access rights should be editable. This should be something
like
> how we can do in Operating Systems.
>
> Any help in this regard is highly appriciated.
>
> Also tell if this is not possible
>
> Thanks in advance.
>
> Thomas Joseph
>
> ----- Original Message -----
> From: "Thomas Joseph"
> To: "Struts Users Mailing List"
> Sent: Friday, June 30, 2006 5:37 PM
> Subject: Changing Role Access to Actions on the Fly
> >
> >
> > Hi all great brains,
> >
> > I would like my application to use roles to access any actions.
However,
I
> want to make access to these actions
> > change while the application is running. User in a role could access
a
> particular action at one time, but not the
> >  other time (when  change has been made). (I understand that role
based
> access to the Action Mapping is static.)
> >
> > Is there any way I can do this.?
> >
> > Any pointers,... ideas ??
> >
> > Thanks in advance!!
> >
> > Thomas Joseph
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org




  
---------------------------------
How low will we go? Check out Yahoo! Messenger's low  PC-to-Phone call
rates.


****************************************************************************************

Note:  If the reader of this message is not the intended recipient, or an employee or agent
responsible for delivering this message to the intended recipient, you are hereby notified
that any dissemination, distribution or copying of this communication is strictly prohibited.
If you have received this communication in error, please notify us immediately by replying
to the message and deleting it from your computer. Thank you.

****************************************************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org



 		
---------------------------------
How low will we go? Check out Yahoo! Messenger’s low  PC-to-Phone call rates.
Mime
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message