it does support it, just depends on whether or not you correctly structured your application.
Here is a sample app that I wrote to test it. https://jestate.dev.java.net/files/documents/1364/7000/ageci-quick-start.zip There is ample documentation on their web site as well. --b On Sun, 26 Sep 2004 18:59:55 +0800, liu ji <[EMAIL PROTECTED]> wrote: > I don't think acegi security support the programmatic access control. > > By the way,how do you solve the programmatic access control problem? > > ============================================== > Ji Liu > > > >From: bryan <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Struts Developers List <[EMAIL PROTECTED]> > >Subject: Re: why not extend struts to support access control? > >Date: Sun, 26 Sep 2004 12:44:40 +0200 > > > >http://acegisecurity.sourceforge.net > > > >unless of course you feel an irresistable urge to reinvent the wheel for > the > >10000000000000th time ...... > > > >--b > > > > > >On Sun, 26 Sep 2004 05:07:32 +0000, liu ji <[EMAIL PROTECTED]> wrote: > > > Thank you. > > > I know filter can do this very well.But filter have some drawbacks.I > don't > > > know how to express this,because of my poor English. > > > Without struts,I can use a single filter to delegate the request to my > > > access control framework.I have already done this. > > > But when using struts,there will be some redundancies. > > > And I think struts should provide this. > > > > > > May a access control framework which doesn't denpend on struts is more > > > attractive. > > > I want this kind framework. > > > Do you know where can I find one? > > > > > > ============================================== > > > Ji Liu > > > > > > >From: "Frank W. Zammetti (MLists)" <[EMAIL PROTECTED]> > > > >Reply-To: [EMAIL PROTECTED] > > > >To: "Struts Developers List" <[EMAIL PROTECTED]> > > > >Subject: Re: why not extend struts to support access control? > > > >Date: Sat, 25 Sep 2004 13:12:44 -0400 (EDT) > > > > > > > >I'm not sure I follow your reasoning... In terms of security, you > ALWAYS > > > >want a user to be authenticated and validated before ANY > application-level > > > >code executes, and in my mind, that very much includes input > validations. > > > >Filters provide this mechanism, before Struts comes into play, which > is > > > >where it should happen. > > > > > > > >In an enterprise-class application, the trend, and rightly so I think, > is > > > >to externalize security, meaning when a URL is requested, the web > server > > > >hands the user authentication piece off to some handler (like > Netegrity > > > >Siteminder as an example), so it's not the web server, app server or > even > > > >a filter that handles checking if a user is valid for each request. > > > > > > > >Am I missing something that might change my mind? > > > > > > > >-- > > > >Frank W. Zammetti > > > >Founder and Chief Software Architect > > > >Omnytex Technologies > > > >http://www.omnytex.com > > > > > > > > > > _________________________________________________________________ > > > éååæåæ MSN Explorer: http://explorer.msn.com/lccn > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > _________________________________________________________________ > äçäçäæåççåéäççâ MSN Hotmailã http://www.hotmail.com > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]