it does support it, just depends on whether or not you correctly
structured your
application.

Here is a sample app that I wrote to test it.

https://jestate.dev.java.net/files/documents/1364/7000/ageci-quick-start.zip

There is ample documentation on their web site as well.

--b


On Sun, 26 Sep 2004 18:59:55 +0800, liu ji <[EMAIL PROTECTED]> wrote:
> I don't think acegi security support the programmatic access control.
> 
> By the way,how do you solve the programmatic access control problem?
> 
> ==============================================
> Ji Liu
> 
> 
> >From: bryan <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: Struts Developers List <[EMAIL PROTECTED]>
> >Subject: Re: why not extend struts to support access control?
> >Date: Sun, 26 Sep 2004 12:44:40 +0200
> >
> >http://acegisecurity.sourceforge.net
> >
> >unless of course you feel an irresistable urge to reinvent the wheel for
> the
> >10000000000000th time ......
> >
> >--b
> >
> >
> >On Sun, 26 Sep 2004 05:07:32 +0000, liu ji <[EMAIL PROTECTED]> wrote:
> > > Thank you.
> > > I know filter can do this very well.But filter have some drawbacks.I
> don't
> > > know how to express this,because of my poor English.
> > > Without struts,I can use a single filter to delegate the request to my
> > > access control framework.I have already done this.
> > > But when using struts,there will be some redundancies.
> > > And I think struts should provide this.
> > >
> > > May a access control framework which doesn't denpend on struts is more
> > > attractive.
> > > I want this kind framework.
> > > Do you know where can I find one?
> > >
> > > ==============================================
> > > Ji Liu
> > >
> > > >From: "Frank W. Zammetti (MLists)" <[EMAIL PROTECTED]>
> > > >Reply-To: [EMAIL PROTECTED]
> > > >To: "Struts Developers List" <[EMAIL PROTECTED]>
> > > >Subject: Re: why not extend struts to support access control?
> > > >Date: Sat, 25 Sep 2004 13:12:44 -0400 (EDT)
> > > >
> > > >I'm not sure I follow your reasoning... In terms of security, you
> ALWAYS
> > > >want a user to be authenticated and validated before ANY
> application-level
> > > >code executes, and in my mind, that very much includes input
> validations.
> > > >Filters provide this mechanism, before Struts comes into play, which
> is
> > > >where it should happen.
> > > >
> > > >In an enterprise-class application, the trend, and rightly so I think,
> is
> > > >to externalize security, meaning when a URL is requested, the web
> server
> > > >hands the user authentication piece off to some handler (like
> Netegrity
> > > >Siteminder as an example), so it's not the web server, app server or
> even
> > > >a filter that handles checking if a user is valid for each request.
> > > >
> > > >Am I missing something that might change my mind?
> > > >
> > > >--
> > > >Frank W. Zammetti
> > > >Founder and Chief Software Architect
> > > >Omnytex Technologies
> > > >http://www.omnytex.com
> > > >
> > >
> > > _________________________________________________________________
> > > éååæåæ MSN Explorer:   http://explorer.msn.com/lccn
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
> >
> 
> _________________________________________________________________
> äçäçäæåççåéäççâ MSN Hotmailã  http://www.hotmail.com
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to