Does anyone know of a Struts work around for the problem with Tomact
in bookmarking the login page for container managed security?
There was a brief thread on this issue about a month ago
[http://www.mail-archive.com/[EMAIL PROTECTED]/msg59734.html]
There is a SourceForge project called
There have been several discussions on this list about how security
should be loosely coupled with the ActionServlet itself (a filter on
top of the application), but I am curious to know the best
practicing for handling the following type of case.
Assume I have an action with a path of
In your case, you can make administrator is a 'user' itself so that
/EditAccount.do works for both roles. However,
I strongly suspect your action/view you have to do lots of if else block to
determine what to do and what to display.
Encapsulation is the key here, I would provide 2 separate
BTW,the current login user can only change his/her own login/acount profile
-D
- Original Message -
From: Dan Tran [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Sent: Sunday, March 23, 2003 11:16 AM
Subject: Re: case study with security
In your case, you can make
A good practice is to use decelrative Container Managed Security.
This kind of implies you set it up in web.xml (via a /securePath/*) or
via action mapping in struts config.
(writing you own security is not a good parctice, IMO)
hth,
V
(do not cofuse that with the non container based filter
Is your input attribute value (/OrderMediaMain.jsp) refer to the same location as you
are trying to submit?
Look at the Root Cause portion of your stack trace; it reads:
Can't find bundle for base name etc.ebusiness, locale en_US
Does etc.business mean anything to you?
Sri
-Original
Dan Allen wrote:
There have been several discussions on this list about how security
should be loosely coupled with the ActionServlet itself (a filter on
top of the application), but I am curious to know the best
practicing for handling the following type of case.
Assume I have an action with a
After reading the suggestions, I am going to go with two different
actions for setting up the form. In order to use container managed
security most effectively, I am going to prefix paths with admin
restrictions with admin/ for ease of filter matching.
So
/EditAccount
This mail is really like a [FRIDAY] coming on Sunday. I just
couldn't wait until next Friday to talk about it. I recommend all
business conscious or just curious struts developers/users to check
out the Jan/Feb 2003 edition of Oracle magazine for a horde of
articles on Struts. Sure, most of
Dan Allen wrote:
After reading the suggestions, I am going to go with two different
actions for setting up the form. In order to use container managed
security most effectively, I am going to prefix paths with admin
restrictions with admin/ for ease of filter matching.
So
/EditAccount
At some point the action class has to pass data onto the JSP for
displaying, such as a list of items. This data can either be placed
in the session or the request, depending on how long it needs to
persist. So in essence, the JSP has to work with what I view as
magical data, since the JSP just
Looks like a good solution to me.
Excellent, I am starting to get this ;)
Note, btw, that I did not mean to recommend desk phone as a generic
identifier.
Naturally, I will use what is specific to my app.
Dan
--
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Daniel Allen,
I hope to give my 2 cents here. What I'm going to do (therefore what I would
suggest you to do) is to create a custom tag like
xSecurity:isUserserName=username / which I'll use in my JSP to present
the user some contents instead of some others. The background is that I had
to create an application
It is not necessary to create a specialty tag.
If you are using container managed security and your users are set in
specific roles you can use the logic:present tag with the role
attribute.
I do think the right way to do this is have the view conditional
based on roles.
Mike
--- Marco
Hi, thanks for the reply, but I'm looking for something a little different
from this...
I'm not sure if I am missing some fundamental concept of struts, but it
appears to be missing the ability to have the action class provide a form
bean for presentation that is different from
Thank you. I have this working. The side effect is that it would
require me to define all the attributes at the highest level. What if
I would like to define the attributes at a lower level and then
override it when it changes for a certain page? In my example I would
like to define right at
Why does no one use Jakarta's own OJB for persistence? I think it's the most
wonderful thing in the world, and the caching options with OJB are unbelievable.
-Jacob
-Original Message-
From: Dan Allen [mailto:[EMAIL PROTECTED]
Sent: Sun 3/23/2003 4:31 PM
No , It is going to other jsp based on the selection , I am now able to find
problem . What I was doing , I was using set-property
name=conversationId and In jsp I was taking conversationMap , beacuse of
this diffrence it was not able to invoke the jsp.
New problem is , I am having one FormBean
When it comes to OR mapping JDO is definitely the best
midlle ground available for Java IMO. OJB supports
both JDO and ODMG specs although a fully JDO compliant
version is on its way. So my vote is for OJB.
-Harish
--- Hookom, Jacob John [EMAIL PROTECTED] wrote:
Why does no one use Jakarta's
Kevin,
I'm pretty sure that once you have the attribute inheritance set up, it
won't be possible to override the attribute at a lower level. However, if I
get you right, you could simply define a child definition for page2 which
extends .standardPage. In short, it shouldn't matter at what level
My web-app is working fine in resin but when i switched to tomcat i got this error.
2003-03-24 14:13:57 StandardContext[/]: Servlet / threw load() exception
javax.servlet.UnavailableException: Parsing error processing resource path
/WEB-INF/struts-config-tm.xml,/WEB-INF/struts-config-manager.xml
I don't think I explained it very well. As I understand it I would do
the following using the method you mentioned below:
definition name=page1
extends=.standardPage
put name=title value=Page 1/
put name=content value=/WEB-INF/pages/page1.jsp/
put name=right
i have a web-app that works fine in resin but does not work in tomcat. i always get
this error:
Mar 24, 2003 3:32:00 PM org.apache.commons.digester.Digester startElement
SEVERE: Begin event threw exception
java.lang.NoSuchMethodException: Bean has no property named loginRequired
at
Why does no one use Jakarta's own OJB for persistence?
Tons of people do!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
24 matches
Mail list logo