Re: Fine Grained Access Control in Sturts

Message - From: Dan Allen [EMAIL PROTECTED] To: Struts Users Mailing List [EMAIL PROTECTED] Sent: Thursday, March 20, 2003 9:36 PM Subject: Re: Fine Grained Access Control in Sturts I always feel bad when I ask a question that is in the existing documentation. For others (unlike David

RE: Fine Grained Access Control in Sturts

- Zürich Office: +41 (0)1/234.42.75 Internal: 48194 Mobile: 079.726.14.26 _ -Original Message- From: Max Cooper [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 9:05 AM To: Struts Users Mailing List Subject: Re: Fine Grained Access Control in Sturts A given user can have

Re: Fine Grained Access Control in Sturts

container-managed security or a filter-based solution like http://securityfilter.sourceforge.net/. -Max shamelessly plugging SecurityFilter again :) - Original Message - From: Mike Duffy [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March 20, 2003 12:23 PM Subject: Fine Grained Access

Re: Fine Grained Access Control in Sturts

. If you just use the basic schema, you don't have to do any special processing. -Max - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 21, 2003 12:10 AM Subject: RE: Fine Grained Access Control in Sturts Is there a way to actually use Roles and Groups

RE: Fine Grained Access Control in Sturts

: Friday, March 21, 2003 10:17 AM To: Struts Users Mailing List Subject: Re: Fine Grained Access Control in Sturts Roles are groups are essentially the same thing in the context of Servlet-spec security. The method request.isUserInRole(role-name) is all you get. You can map the more complicated

Re: Fine Grained Access Control in Sturts

] Sent: Thursday, March 20, 2003 12:23 PM Subject: Fine Grained Access Control in Sturts Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see Struts in Action, Husted, et. al., pp 550-553), and most application servers

RE: Fine Grained Access Control in Sturts

http://jakarta.apache.org/struts/userGuide/struts-tiles.html#insert David From: [EMAIL PROTECTED] Reply-To: Struts Users Mailing List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: RE: Fine Grained Access Control in Sturts Date: Fri, 21 Mar 2003 08:12:26 +0100 Can you have a tile require

Re: Fine Grained Access Control in Sturts

How would this be done with jstl? c:if test=${user.role == 'member'}/ ??? The logic:present tag relies on HttpServletRequest.isUserInRole() http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpServletRequest.html#isUserInRole(java.lang.String) So, in JSTL I *think* you could do

Fine Grained Access Control in Sturts

Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see “Struts in Action”, Husted, et. al., pp 550-553), and most application servers can protect resources based on realms/roles. But what about display options based on roles.

Re: Fine Grained Access Control in Sturts

http://jakarta.apache.org/struts/userGuide/struts-logic.html#present David From: Mike Duffy [EMAIL PROTECTED] Reply-To: Struts Users Mailing List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Fine Grained Access Control in Sturts Date: Thu, 20 Mar 2003 12:23:07 -0800 (PST) Does anyone have

RE: Fine Grained Access Control in Sturts

PROTECTED] Subject: Fine Grained Access Control in Sturts Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see Struts in Action, Husted, et. al., pp 550-553), and most application servers can protect resources based

Re: Fine Grained Access Control in Sturts

-logic.html#present David From: Mike Duffy [EMAIL PROTECTED] Reply-To: Struts Users Mailing List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Fine Grained Access Control in Sturts Date: Thu, 20 Mar 2003 12:23:07 -0800 (PST) Does anyone have any thoughts on fine grained access control

Re: Fine Grained Access Control in Sturts

Grained Access Control in Sturts Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see Struts in Action, Husted, et. al., pp 550-553), and most application servers can protect resources based on realms/roles. But what

Re: Fine Grained Access Control in Sturts

Users Mailing List [EMAIL PROTECTED] Subject: Re: Fine Grained Access Control in Sturts Date: Thu, 20 Mar 2003 12:38:14 -0800 (PST) Thanks David. I always feel bad when I ask a question that is in the existing documentation. For others (unlike David) who do not have the documentation memorized

RE: Fine Grained Access Control in Sturts

+1 ... and if the docs don't have the answer, there is always the source code and DTDs. -Original Message- From: David Graham [mailto:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 3:42 PM To: [EMAIL PROTECTED] Subject: Re: Fine Grained Access Control in Sturts I don't have

Re: Fine Grained Access Control in Sturts

I always feel bad when I ask a question that is in the existing documentation. For others (unlike David) who do not have the documentation memorized, the logic:present tag will take a role attribute: Checks whether the currently authenticated user (if any) has been associated with any

Re: Fine Grained Access Control in Sturts

I always feel bad when I ask a question that is in the existing documentation. For others (unlike David) who do not have the documentation memorized, the logic:present tag will take a role attribute: Checks whether the currently authenticated user (if any) has been associated with any

RE: Fine Grained Access Control in Sturts

:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 9:23 PM To: [EMAIL PROTECTED] Subject: Fine Grained Access Control in Sturts Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see Struts in Action, Husted, et. al., pp 550-553