RE: How does ActionForm data pass through container called form based login page?

I'll be very interested to here the outcome... Thanks Martin -Original Message- From: Pady Srinivasan [mailto:[EMAIL PROTECTED] Sent: 26 March 2004 16:07 To: Struts Users Mailing List Subject: RE: How does ActionForm data pass through container called form based login page? We

RE: How does ActionForm data pass through container called form b ased login page?

If ( !loggedIn ) { // save all parameters to session // save current URI as REDIRECT_URI in session // redirect to login action } else if ( redirectUriIsSet ) { RedirectServletRequest newreq = new RedirectServletRequest(re

RE: How does ActionForm data pass through container called form based login page?

I think I need to do some simple test cases - with and without struts. Martin -Original Message- From: Joe Germuska [mailto:[EMAIL PROTECTED] Sent: 26 March 2004 15:20 To: Struts Users Mailing List Subject: RE: How does ActionForm data pass through container called form based login page

RE: How does ActionForm data pass through container called form based login page?

rs Mailing List Subject: RE: How does ActionForm data pass through container called form based login page? This is the only solution I can think of: public class RedirectServletRequest extends HttpServletRequest { public RedirectServletRequest(HttpServletRequest req) { thi

RE: How does ActionForm data pass through container called form based login page?

I might be able to put some general code in the login form (as a jsp) that puts all form data present in the previous page into the login form so it could be passed on, but that will still leave the problem of the method becomes GET instead of POST. I'm really hoping there's a mo

RE: How does ActionForm data pass through container called form b ased login page?

arameters to session // save current URI as REDIRECT_URI in session // redirect to login action } } public class LoginAction extends Action { public void execute(...) { // do login // login success // redi

RE: How does ActionForm data pass through container called form based login page?

Hi Joe, I might be able to put some general code in the login form (as a jsp) that puts all form data present in the previous page into the login form so it could be passed on, but that will still leave the problem of the method becomes GET instead of POST. I'm really hoping there

RE: How does ActionForm data pass through container called form based login page?

At 1:59 PM + 3/26/04, Martin Alley wrote: Well I've just simplified by login form - plain html - no struts stuff going on. I've also simplified the filter so detects a fresh logon and starts a session accordingly - no longer any redirecting to LoginAction. However the critical be

RE: How does ActionForm data pass through container called form based login page?

Well I've just simplified by login form - plain html - no struts stuff going on. I've also simplified the filter so detects a fresh logon and starts a session accordingly - no longer any redirecting to LoginAction. However the critical behaviour is still the same - existingCustomer

How does ActionForm data pass through container called form based login page?

Hi, Suppose I've got a web based form that posts data to an action, and I have that action protected by container form based authorization - how does the ActionForm data get through. I have a situation like this, and my ActionForm is empty after I've been through the form-based login

RE: user login authentication and session timeout

IL PROTECTED] > Subject: user login authentication and session timeout > > > I'm looking for examples or to be pointed in the right direction on how > to achieve the following. > I want my users to be able to access a mojority of my pages without having > to login, but

RE: user login authentication and session timeout

Hi, You can consider the following ways: 1) You can associate an action class for the page that requires a username and password. In that action class you can prompt for username and password. Have a separate action class for the urls that doesn't require login. 2). Have a query s

user login authentication and session timeout

I'm looking for examples or to be pointed in the right direction on how to achieve the following. I want my users to be able to access a mojority of my pages without having to login, but if they select a specific page a small login pop-up window would display which would require a valid user

[OT] Tomcat 5 + j_security_check + login-error-page

Hello everybody, I am porting my application from Tomcat 4.1.29 to Tomcat 5.0.18. I have a Struts ForwardAction mapped to "/Login.do" that produces the page with login form. Form based authentication is set with the following fragment of the deployment descriptor: FORM /Login.do

Re: 'response has already been committed' on protected page when I expected the login form?

from: FORM .login .loginFailed to: FORM /jsp/login/login.jsp /jsp/login/login_failed.jsp Now when I access the test file (the one without tiles) I do get the login form (just the form, not in my tiles). Either way, when I access another

'response has already been committed' on protected page when I expected the login form?

ent and the server. NONE FORM .login .loginFailed appAdmin " My pages are defined in tiles-def.xml as: " " I should note that even when I called the .jsps directly it didn't work either. I feel a lit

Re: Login Validation using Plug in

Hi, There are many examples available on the web. Try this http://struts.sourceforge.net/community/tutorials.html If you mean Struts Validator plugin, I think login is not the best example because Validator Plugins is about format of input .Validate a login will generally access database to know

Login Validation using Plug in

Hi, Can anyone help me how do I validate the login user session using struts Plugin?.Explain me with examples as I am new to struts.. Thanks in Advance.. cheers Sudhakar DISCLAIMER: This message (including attachment if any) is confidential and may be privileged. Before opening

Re: Login Security

mechanism of maybe storing ip addresses, (though a malicious user could spoof these). regards Ajay From: "Janusz Dziadon" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]>

Re: Login Security

1. I was thinking on corporate solution, where any station has its own ip (maybe from dhcp) 2. I suggested only to store IP, not to compare on next-login or permanent block this IP. It is for future investigation only. 3. This organization may have been "yet blocked" because when has com

RE: Login Security

You could apply what I described by defining the key as username+"@"+ip Good idea! -Original Message- From: Janusz Dziadon [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 16, 2003 4:20 PM To: Struts Users Mailing List Subject: Re: Login Security I think, that you shoul

Re: Login Security

Several organizations expose the same IP address for most or all users. You'd be blocking entire organizations because of one bad login. --- Janusz_Dziadoñ <[EMAIL PROTECTED]> wrote: > I think, that you should register blocked IP anyway in database. It helps to > explain situ

Re: Login Security

kom, Jacob" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Tuesday, December 16, 2003 10:46 PM Subject: RE: Login Security > Do a HashMap in the action: > > Key is username > Value is Integer or Date > > If ((value =

Re: Login Security

Does that sound ok? > > Ciaran > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: 16 December 2003 20:46 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: RE: Login Security > > Avoid the cookie solution, it's too e

RE: Login Security

Btw, remember to flush the map for that username when they are able to login successfully. -Original Message- From: Hookom, Jacob [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 16, 2003 3:46 PM To: Struts Users Mailing List Subject: RE: Login Security Do a HashMap in the action: Key

RE: Login Security

: Tuesday, December 16, 2003 3:43 PM To: 'Struts Users Mailing List' Subject: RE: Login Security I am storing the username and password in a table in a mySql database. I think I will just add a field "last_failure" to the user table... and after 3 unsuccessful attempts I wil

RE: Login Security

OTECTED] Subject: RE: Login Security Avoid the cookie solution, it's too easy for the user to bypass your security measures and as mentioned below, this solution won't work if the browser has disabled cookies. Don't block IP addresses because they can be easily spoofed and redirected

RE: Login Security

BDY.RTF Description: RTF file - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

RE: Login Security

ssage- From: Ciaran Hanley [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 16, 2003 10:55 AM To: [EMAIL PROTECTED] Subject: Login Security I'm writing a web application using JSP and Struts. I want to add a security feature to my login page where if a user has three unsuccessful logins th

Re: Login Security

One idea The third time the login fails, register the time for that user. When a login gets executed, if the last registered time for the given user is less than the time interval you want -> the login always fails. The user must have something like: User : id || login | passw

Login Security

I'm writing a web application using JSP and Struts. I want to add a security feature to my login page where if a user has three unsuccessful logins they will be unable to log in for a certain period of time afterwards. I can count the number of unsuccessful logins ok but how I'm not s

form data lost through login

. ... The submission is protected by container security, i.e. the url of the action (e.g. /submit.do ) is declared in a block in the web.xml file: private action /submit.do admin The container (Tomcat 4.1.24) is configured to ask credentials by means of a FORM login, i.e.: FOR

Re: [OT] - Login Application

existence of a username/password then yes tie the PriceIndex into the Login If the Price Index is not dependent on username/password then the PriceIndex information cookies et al) should exist indepedently.. ~my 2 cents~ -Martin - Original Message - From: "Jonathan Hawkins" <[EM

[OT] - Login Application

Howdy All, I am writing a custom login application. Our organization has several web applications (Struts of course!) one of which is a shopping cart. The current login application adds two cookies to the users browser - one that stores a number representing a price index and the other an id

processRoles - must lead to login-form...

ether it was neccesary to be logged in to have permissions to enter the requested action. If the user was not logged in and that was a requirement for the action I did send the user through a login page and back to the same requested action. This meant that the parameters where send again... I

Re: Preserving original request until after login redirect

That one is pretty simple: - Use a GET request so the programId is part of the URL. - Store the whole URL, including the query string. - Redirect back to the URL (including query string) after the login. The more difficult case is POSTed parameters that don't show up on the query string

Preserving original request until after login redirect

containing the programId parameter should be saved, then a login should be done - displaying a login page where the user enters username and password and upon login the user is redirected to the track list page. I can manage the redirection ofcorse, but I do not know how to store and restore the re

automate login to other opensource apps

I have several Struts apps with a form-based single signon using a JNDIRealm with md5 passwords in openldap. I'm looking to pass username/password used in Java login to other apps like horde, dotproject, among others for user convenience. Sync of user account info between db stores used by

Re: JAAS Login using LoginAction...

> Anyway, tried the > ideas from this website using JBoss 3.2.1 and Struts 1.1? There's nothing specific to Struts you need concern yourself with. The only thing that's struts related is how you get your login information. I've used one of 2 methods: 1. Used a login.j

RE: JAAS Login using LoginAction...

I don't think that the things in this article work. For one thing, they are using an auth.conf file and now everything for login module configuration is stored in the login-config.xml file. Anyway, tried the ideas from this website using JBoss 3.2.1 and Struts 1.1? Keith On Mon, 2003-09-

RE: JAAS Login using LoginAction...

http://www.theserverside.com/resources/article.jsp?l=JAAS -Original Message- From: Keith Pemberton [mailto:[EMAIL PROTECTED] Sent: Sunday, September 21, 2003 11:50 PM To: [EMAIL PROTECTED] Subject: JAAS Login using LoginAction... I'm having a bit of trouble trying to login

Re: JAAS Login using LoginAction...

authentication, there is no need for struts to do anything. Struts only ever receives authenticated requests since tomcat sorts that out before letting any through. Adam On 09/22/2003 05:49 AM Keith Pemberton wrote: I'm having a bit of trouble trying to login to a Database Realm that I

JAAS Login using LoginAction...

I'm having a bit of trouble trying to login to a Database Realm that I have setup with JBoss. What I would like to do is to be able to login to the JAAS SecurityManager using a LoginAction. How is the best way to go about this. I have tried just doing it by calling the LoginContext login m

Re: login test in a jsp page - any suggestions

D]> Sent: Tuesday, August 26, 2003 2:52 PM Subject: Re: login test in a jsp page - any suggestions isn't it should be better to put his verification at actions? maybe a common super action could validade it, but I think that the jsp should be the last place to put it. Ideally, the js

RE: login test in a jsp page - any suggestions

od on your forms. -Richard -Original Message- From: David Thielen [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 8:03 PM To: Struts Users Mailing List Subject: Re: login test in a jsp page - any suggestions How can I set things up so people can't get to a jsp page? I

RE: login test in a jsp page - any suggestions

I would do this using Servlet Filters. Thanks -- pady [EMAIL PROTECTED] -Original Message- From: David Thielen [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 11:03 PM To: Struts Users Mailing List Subject: Re: login test in a jsp page - any suggestions How can I set

Re: login test in a jsp page - any suggestions

dave - Original Message - From: "Emerson Cargnin" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Tuesday, August 26, 2003 2:52 PM Subject: Re: login test in a jsp page - any suggestions > isn't it should be better to put his ve

Re: login test in a jsp page - any suggestions

I used login as a simple example. But I have another case that is not as simple. I have a 5 page check-out procedure. I want to set it up so that each page will forward to the previous page if the previous page's input fields have not been filled out yet. So each page has to do a different

RE: login test in a jsp page - any suggestions

mp;r;=1&w;=2 HTH, Cezar > -Original Message- > From: David Thielen [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 26, 2003 4:16 PM > To: Struts-Users > Subject: login test in a jsp page - any suggestions > > Hi; > > I want to put a test in every jsp

Re: login test in a jsp page - any suggestions

isn't it should be better to put his verification at actions? maybe a common super action could validade it, but I think that the jsp should be the last place to put it. Ideally, the jsp's are not even exposed to clients, making the access the view only through actions. David Thielen wrote: Hi;

RE: login test in a jsp page - any suggestions

Why not use a servlet filter ? Thanks -- pady [EMAIL PROTECTED] -Original Message- From: David Thielen [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 4:16 PM To: Struts-Users Subject: login test in a jsp page - any suggestions Hi; I want to put a test in every jsp page

login test in a jsp page - any suggestions

Hi; I want to put a test in every jsp page to see if the user is logged in. And if not, to forward them to login.jsp. Is there any way to do this other than putting java code in my jsp? I'm hoping there is some struts system like . (Yes, I can have everything be an action that does this test an

RE: User authentication methods (or ways to login a user)

11:33 PM > To: Struts Users Mailing List > Subject: User authentication methods (or ways to login a user) > > > Hi, > > I'm new to Struts and to getr used to it I developped an > application which has to log in a user by checking records > in a

User authentication methods (or ways to login a user)

entication: 1. session variable on user login, check the variable on each action 2. filter authentication 3. security contraints = container authentication (?) 4. using a tag in each jsp for the validation Are there any other methods? As for what method should one use I think depends on many fa

RE: login request

in field 'scope' to my own design. That way, I can have my security information available in the struts-config.xml (or module) file(s). Regards, David -Original Message- From: Jung, Eric (Contractor) [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 20, 2003 1:54 PM To: Struts U

RE: login request + ActionServlet RequestProcessor Action

he member level allowed to use this action (feel free to use this as a controller for a module as well. If you want a user to have multiple levels, switch a simple int to a map, bit-mask, or other design of your choosing. 3. All login-required actions now have a scope set to 'sco

Re: login request + ActionServlet RequestProcessor Action

ginal Message- > From: Andy Richards [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 21, 2003 9:55 AM > To: Struts Users Mailing List > Subject: Re: login request + ActionServlet RequestProcessor Action > > > Hmm > > Strugling a bit with this one now.?? I have ext

Page After Login - Refresh problem

Hello, I used Struts to develop a web app which has a login form to permit access to different functionnalities via a menu page. I use a session var I set at login to check if the user has not logged out. The problem that I have is, once I do the logoff, if I use the Back button of the browser to

Re: login request + ActionServlet RequestProcessor Action

global exceptions in the stuts config to redirect the user to my login page (but no joy!). Anyone have any ideas? Also what method should i override in the RequestProcessor when handling my login? many thanks Andy On Thursday 21 Aug 2003 11:40 am, Kok Wei, Koh wrote: > Yeah you should only n

Re: login request + ActionServlet RequestProcessor Action

weeks back, I ran into a problem where one of my Actions needs to extend a class to inherit some functionality, but I was stucked because I need to extend my "AuthenticationAction" which handles all my user login stuff. I can't extend from 2 classes, right? I then went on

RE: login request + ActionServlet RequestProcessor Action

ssage- |From: Andy Richards [mailto:[EMAIL PROTECTED] |Sent: Thursday, August 21, 2003 2:19 PM |To: Struts Users Mailing List |Subject: Re: login request + ActionServlet RequestProcessor Action | | |Hi | |After deciding which approach to take and reading a few of my struts books |about the contr

Re: login request + ActionServlet RequestProcessor Action

need to extend my > "AuthenticationAction" which handles all my user login stuff. > > I can't extend from 2 classes, right? I then went on to research the > RequestProcessor. I used tiles of Struts 1.1 in my project so what I did > was I ported the "AuthenticationAction" cod

Re: login request + ActionServlet RequestProcessor Action

"AuthenticationAction" which handles all my user login stuff. I can't extend from 2 classes, right? I then went on to research the RequestProcessor. I used tiles of Struts 1.1 in my project so what I did was I ported the "AuthenticationAction" code to say "AuthenticationRe

Re: login request + ActionServlet RequestProcessor Action

Hi After deciding which approach to take and reading a few of my struts books about the controller object ; ) I am now confused as which is the most appropriate class to extend to perform my login functionality. David suggests extending the base action class, however i have read that the

Re: login request

lements LoginCheck > 3. checkLogin(request) <--- 1st line from within the execute > or DispatchAction, or LookupDispatchAction method, etc. > > Regards, > David > > ---Original Message--- > From: Andy Richards <[EMAIL PROTECTED]> > Sent: 08/20/03 09:46 AM >

RE: login request

ction in your application? -eric -Original Message- From: David G. Friedman [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 20, 2003 9:42 AM To: Struts Users Mailing List; [EMAIL PROTECTED] Subject: Re: login request Dear Andy, I'm doing the same thing you suggest. My ap

Re: login request

n, or LookupDispatchAction method, etc. Regards, David ---Original Message--- From: Andy Richards <[EMAIL PROTECTED]> Sent: 08/20/03 09:46 AM To: [EMAIL PROTECTED] Subject: login request > > Hi, i have created a form and a action which checks to see if a user exists in my

Re: login request

ecks to see if a user exists in > my database and if so a value object is placed into the session. What i am > unsure of is how to a action called everytime a request is made? Can i > configure struts-config.xml to send all requests via an acti

login request

if this session object exists, and if not redirect the user to the login page? many thanks Andy -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

RE: New Bie : org.apache.jasper.JasperException: Cannot retrieve mapping for action /login

Hi, This is my first Struts app, I have a login.jsp in which I have declared a form tag with action as login.do and I have two buttons(a login button and a browse button) on the page. I have written a form bean and an action class also. While trying to access login.jsp I get an "Internal S

RE: New Bie : org.apache.jasper.JasperException: Cannot retrieve mapping foraction /login

probably because the error message says login whilst your config says /Login your config should say From: Seshadhri Srinivasan <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMA

Re: login for half my action mappings, leaving other half unsecured

On Thu, 17 Jul 2003, Adam Hardy wrote: > Date: Thu, 17 Jul 2003 11:34:49 +0200 > From: Adam Hardy <[EMAIL PROTECTED]> > Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]> > To: Struts Users Mailing List <[EMAIL PROTECTED]> > Subject: login for half my ac

more about login

le this because it can't see the login and error pages under WEB-INF. The only options I think I have is (a) use html files not under WEB-INF or (b) set up an action forward mapping to inside WEB-INF I want to use JSPs and not just html files because I want to localise them for language etc

login for half my action mappings, leaving other half unsecured

In some of my action mappings I am providing XML output for anybody and it shouldn't be protected by any web.xml security-constraint, but for the rest, I need login security which I already have set up. What I have come up with after a slight false start is a plan to have all my se

RE: login framework

PROTECTED] Sent: Tuesday, July 15, 2003 2:42 PM To: [EMAIL PROTECTED] Subject: login framework Hi, I have a following requirement, there are 2 links on a webpage, when the user clicks on 1st link show the user login screen if he is not logged in( ihave login info in session), if the login is valid f

login framework

Hi, I have a following requirement, there are 2 links on a webpage, when the user clicks on 1st link show the user login screen if he is not logged in( ihave login info in session), if the login is valid forward the request to 1st html page, if the user clicks on 2nd link, again show the login

RE: Login Form

On Thu, 10 Jul 2003, Erez Efrati wrote: > Date: Thu, 10 Jul 2003 20:29:11 +0200 > From: Erez Efrati <[EMAIL PROTECTED]> > Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]> > To: 'Struts Users Mailing List' <[EMAIL PROTECTED]> > Subject: RE:

RE: Login Form

ECTED] Sent: Thursday, July 10, 2003 6:27 PM To: Struts Users Mailing List Subject: RE: Login Form Just need to include the relevant JBoss jar(s) on your classpath in JBuilder... For JBoss 4 it is simply jboss.jar (found in JBOSS_HOME/server/CONFIG/lib) :-) Sean -- Dr. Sean Radford, MBBS, MSc <[EMA

RE: Login Form

---Original Message- > From: Erez Efrati [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 10, 2003 4:44 PM > To: 'Struts Users Mailing List' > Subject: RE: Login Form > > Thanks a lot Sean, I will try it and let you know how it works. > > Thanks for your great

RE: Login Form

44 PM To: 'Struts Users Mailing List' Subject: RE: Login Form Thanks a lot Sean, I will try it and let you know how it works. Thanks for your great help, Erez -Original Message- From: Sean Radford [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 12:28 PM To: Struts Use

RE: Login Form

Thanks a lot Sean, I will try it and let you know how it works. Thanks for your great help, Erez -Original Message- From: Sean Radford [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 12:28 PM To: Struts Users Mailing List Subject: RE: Login Form Erez, Things you need to do

RE: Login Form

Sean Radford [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 10, 2003 11:26 AM > To: Struts Users Mailing List > Subject: RE: Login Form > > All, > > Please find attached my securityfilter realm adaptor. The other code I > was waiting for hasn't materialised, so I

RE: Login Form

? Thanks, Erez -Original Message- From: Sean Radford [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 11:26 AM To: Struts Users Mailing List Subject: RE: Login Form All, Please find attached my securityfilter realm adaptor. The other code I was waiting for hasn't materialised,

RE: Login Form

gt; > -Original Message- > From: Sean Radford [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 09, 2003 11:19 AM > To: Struts Users Mailing List > Subject: RE: Login Form > > On Tue, 2003-07-08 at 20:34, Erez Efrati wrote: > > Thanks Sean, > > > > I loo

RE: Login Form

Radford [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2003 11:19 AM To: Struts Users Mailing List Subject: RE: Login Form On Tue, 2003-07-08 at 20:34, Erez Efrati wrote: > Thanks Sean, > > I looked at it and it does avoid the BIG limitation posed by the > standard spec in fact. St

RE: Login Form

elopment and it amazes me that such a basic > feature is missing from the Servlet spec and is not addressed. Why is it > that way? Is it so unusual to want to have the login fields on the start > page?? Not unusual at all... And many Java sites have it that way, but they don't necessaril

RE: Login Form

missing from the Servlet spec and is not addressed. Why is it that way? Is it so unusual to want to have the login fields on the start page?? Thanks, Erez -Original Message- From: Sean Radford [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 8:21 PM To: Struts Users Mailing List

RE: Login Form

Have a look at this (you may find what you want): http://sourceforge.net/projects/securityfilter/ Sean > -Original Message- > From: Erez Efrati [mailto:[EMAIL PROTECTED] > Sent: July 8, 2003 10:11 AM > To: 'Struts Users Mailing List' > Subject: Login Form >

RE: Login Form

On Tue, 8 Jul 2003, Erez Efrati wrote: > Date: Tue, 08 Jul 2003 19:03:17 +0200 > From: Erez Efrati <[EMAIL PROTECTED]> > Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]> > To: 'Struts Users Mailing List' <[EMAIL PROTECTED]> > Subject: RE: Login

RE: Login Form

Here is the link: http://www.mail-archive.com/[EMAIL PROTECTED]/msg14215.html - Oh I thought you had trouble accessing a protected login page from a non-secure page. Is this what you want to do in your main page? User ID: Password: And your problem is

RE: Login Form

Oh I thought you had trouble accessing a protected login page from a non-secure page. Is this what you want to do in your main page? User ID: Password: And your problem is that you don't have control over 'my_security_check' does in JAAS. I found an archive mail on

RE: Login Form

Yansheng Lin, I didn't understand, sorry. All I want to do is enable the users to login into my site from the starting page of the web site. Is it possible to post the a form action='j_security_check'? I mean before accessing a protected page which the Tomcat protects and sends

RE: Login Form

Not sure if I understand it entirely. But you can use an iframe for the login form(protected page) on the site home page. Something like: Hope this helps. -Original Message- From: Erez Efrati [mailto:[EMAIL PROTECTED] Sent: July 8, 2003 10:11 AM To: 'Struts Users Mailing

Login Form

FORM clauses inside the Web.xml file. In my web site I want to have the site home page to have also a small login form where the user could enter username and password and login to the site. The home page, contains other links as well, which lead to other parts of the site or even to external pages on

Re: Login and security checks

if role check fails, Struts sets HttpResponse code 400 (Bad Request) -D - Original Message - From: "Adam Hardy" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Saturday, June 14, 2003 2:44 AM Subject: Re: Login and securit

Re: Login and security checks

What happens if you don't put a security constraint in the web.xml, but instead just specify a role in action in struts-config.xml? Adam Erik Price wrote: You can limit the resources that are protected by container managed authentication in the deployment descriptor. Whichever Action requires

RE: Login and security checks

Thanks for the replies Shunhui, Erik, Tero, and Chris. Very helpful suggestions. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 2:59 PM To: [EMAIL PROTECTED] Subject: RE: Login and security checks Here's how I do it: use a se

Re: Login and security checks

[EMAIL PROTECTED] writes: > there is definitely a need for browsing before creating a user id. How can I > organize my webapp so that some of the content is available to anybody, but > other parts can only be done when the user logs in? This may also be tied > into when to use http and when to us

RE: Login and security checks

> How can I organize my webapp so that some of the > content is available to anybody, but other parts > can only be done when the user logs in? available to anybody: http://www.example.com/yourapp/public/* protected: http://www.example.com/yourapp/members/* -TPP

Re: Login and security checks

[EMAIL PROTECTED] wrote: I'm currently working on a web app which will be available publicly. In the past I've secured my webapp using Tomcat's form based security. This works fine if you require a user to log in as soon as the webapp is initiated (as is the case with most internal web apps).

  1   2   3   >