On 10/21/2003 03:11 PM ajay brar wrote:
hi!
i need to implement the following security features in my security
application.
authentication
which is better - have a login page and keep some sort of bean in
session on successful login
and check for the ban in
the user and his roles when you can then
apply a check like hasKey or isSuperUser.
What u guys think?
-Original Message-
From: Stefan Trcko [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 09, 2003 9:57 AM
To: [EMAIL PROTECTED]
Cc: Struts Users Mailing List
Subject: Re: Struts security
This can simple be done by authorizing user in each action class. We
have request session attributes which may be helpful for checking the
current state of user.
Before doing any processing, first of all, process user authentication
and if finds any restriction then forward the action to
http://www.informit.com/isapi/product_id~%7B1841ABCB-E1B7-445F-A722-1378C58AD8E0%7D/content/index.asp
muzammil shahbaz [EMAIL PROTECTED] wrote:This can simple be done by authorizing user
in each action class. We
have request session attributes which may be helpful for checking the
current state
then forward to success page else to error page.
What do you think? Is this good solution?
Regards
Stefan
- Original Message -
From: muzammil shahbaz [EMAIL PROTECTED]
To: zzStruts Users Mailing List [EMAIL PROTECTED]
Sent: Thursday, October 09, 2003 9:43 AM
Subject: RE: Struts security
: Struts Users Mailing List
Subject: Re: Struts security
File: ATT6.txt
Mailing List
Sent: Thursday, October 09, 2003 9:43 AM
Subject: RE: Struts security
This can simple be done by authorizing user in each action class. We
have request session attributes which may be helpful for checking the
current state of user.
Before doing any processing, first of all
To: Struts Users Mailing List
Subject: Re: Struts security
Hello,
sorry, my english is not so good, perhaps I haven'g got the point yet
(and I'm new to struts so I don't know if it works).
Every time a user clicks a link ( = call an action ) you want to check
if the user has the permissions
: Thursday, 9 October 2003 6:11 PM
To: zzStruts Users Mailing List
Subject: RE: Struts security
Exactly!!!
U got the point. That's what I use to handle security issues.
Keep it up :-)
--
From: Stefan Trcko [SMTP:[EMAIL PROTECTED]
Sent
Greetings,
I am nearing the completion of the code and it should be on sourceforge in
the next day or two. I will be following it up with documentation and
examples over the next week.
FYI - I am finishing up an overhaul on the code so that it fits into the
container managed security and yet
10 matches
Mail list logo