What happens if you don't put a security constraint in the web.xml, but
instead just specify a role in action in struts-config.xml?
Adam
Erik Price wrote:
You can limit the resources that are protected by container managed
authentication in the deployment descriptor. Whichever Action requires
if role check fails, Struts sets HttpResponse code 400 (Bad Request)
-D
- Original Message -
From: Adam Hardy [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Sent: Saturday, June 14, 2003 2:44 AM
Subject: Re: Login and security checks
What happens if you don't put
I'm currently working on a web app which will be available publicly. In the
past I've secured my webapp using Tomcat's form based security. This works
fine if you require a user to log in as soon as the webapp is initiated (as
is the case with most internal web apps). However, with my current
to the login page.
Shunhui
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, June 13, 2003 11:52 AM
To: [EMAIL PROTECTED]
Subject: Login and security checks
I'm currently working on a web app which will be available publicly. In the
past I've secured my
[EMAIL PROTECTED] wrote:
I'm currently working on a web app which will be available publicly. In the
past I've secured my webapp using Tomcat's form based security. This works
fine if you require a user to log in as soon as the webapp is initiated (as
is the case with most internal web apps).
How can I organize my webapp so that some of the
content is available to anybody, but other parts
can only be done when the user logs in?
available to anybody: http://www.example.com/yourapp/public/*
protected: http://www.example.com/yourapp/members/*
-TPP
[EMAIL PROTECTED] writes:
there is definitely a need for browsing before creating a user id. How can I
organize my webapp so that some of the content is available to anybody, but
other parts can only be done when the user logs in? This may also be tied
into when to use http and when to use
Thanks for the replies Shunhui, Erik, Tero, and Chris. Very helpful
suggestions.
Mike
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, June 13, 2003 2:59 PM
To: [EMAIL PROTECTED]
Subject: RE: Login and security checks
Here's how I do it: use a servlet
8 matches
Mail list logo