On Sun, 28 Jul 2002, Eddie Bush wrote:
Date: Sun, 28 Jul 2002 01:11:16 -0500
From: Eddie Bush [EMAIL PROTECTED]
Reply-To: Struts Users Mailing List [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Subject: Re: Struts/Container-Managed Authentication Question
Here's
Craig R. McClanahan wrote:
On Sun, 28 Jul 2002, Eddie Bush wrote:
Set up a page specifically with a security-constraint. Obviously the
user in the above scenario will have to be led to the login by a link -
this scenario would be no different. Your link would be dynamic and
snag the request
Here's something that comes to mind. It's certainly less than idea,
however it would provide a fair work-around:
Create a directory and place a security-constraint on it. This
directory would contain pages that did nothing but redirects. You would
sit down and plan out from where your
Hello again Mete, ;-)
I like this stuff. It's like a puzzle.
Basically I made my welcome-page a dummy page that
redirects the request to /login.do. I made /login.do a
protected resource and what is ironic is that I made
my home page the login page !! (in login-config).
This kinda turns
Subject: Re: Struts/Container-Managed Authentication Question
From: Torgeir Veimo [EMAIL PROTECTED]
===
Max Cooper wrote:
If you can live with a short-term compromise of having a login link on every
page rather than a login form, the first design I sent out should work for
that. I have
/Container-Managed Authentication Question
Subject: Re: Struts/Container-Managed Authentication Question
From: Torgeir Veimo [EMAIL PROTECTED]
===
Max Cooper wrote:
If you can live with a short-term compromise of having a login link on
every
page rather than a login form, the first design
Hello Craig,
--- Craig R. McClanahan [EMAIL PROTECTED] wrote:
If you are using container-managed security, you
either declare a security
constraint (to force a login) or you don't -- there
is no middle ground.
However, if the user went to your second sub-app
first, and then went to
the
between your app and
the authentication
mechanism.
-Max
Thanks,
Mete
- Original Message -
From: Eddie Bush [EMAIL PROTECTED]
To: Struts Users Mailing List
[EMAIL PROTECTED]
Sent: Wednesday, July 17, 2002 6:59 PM
Subject: Re: Struts/Container-Managed Authentication
Question
Max Cooper wrote:
Another alternative is to use a filter to mimic container-managed security
[including wrapping the request with your implementations of
getRemoteUser()
and isUserInRole()]. This way, you could provide a programmatic
interface to
log users in with an Action, ...
I have
On Thu, 18 Jul 2002, Mete Kural wrote:
Date: Thu, 18 Jul 2002 08:46:46 -0700 (PDT)
From: Mete Kural [EMAIL PROTECTED]
Reply-To: Struts Users Mailing List [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Subject: Re: Struts/Container-Managed Authentication Question
Hello
On Thu, 18 Jul 2002, Joe Celentano wrote:
Date: Thu, 18 Jul 2002 12:02:27 -0400
From: Joe Celentano [EMAIL PROTECTED]
Reply-To: Struts Users Mailing List [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Subject: RE: Struts/Container-Managed Authentication Question
Max
-Original Message-
From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
I do not believe there will ever be such a thing as a generic
application security solution that meets a large majority of people's
needs. The problem is that the needs (well, at least their
wants :-) vary
On Thu, 18 Jul 2002, Nelson, Laird wrote:
Date: Thu, 18 Jul 2002 13:14:49 -0400
From: Nelson, Laird [EMAIL PROTECTED]
Reply-To: Struts Users Mailing List [EMAIL PROTECTED]
To: 'Struts Users Mailing List' [EMAIL PROTECTED]
Subject: RE: Struts/Container-Managed Authentication Question
-Original Message-
From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
(First off, I take your point, but am just stupid enough to think that an
implementation is nevertheless possible. The following is just to spur
further thought.)
What'a a user (i.e. what properties does one
Hello Mete,
One thing that you cannot do with container-managed
security is direct the
users to the login form page to force them to login.
As an alternative, you
can protect a page and send users there, so the
container will send them
through the login form. For instance, if your
Hello Max,
One thing that I want to implement is providing
the
login form within the home-page to make it a
single-step job for them, so they'll see the login
form on the side of the page when they first come
in.
Otherwise there are two steps involved, first
click on
the login
I'd recommend putting it to the Tomcat guys, but I'm just about positive
you'd have to use j_security_check (ie FORM-based authentication).
Mete Kural wrote:
Hi,
My Struts-based webapp has two sub-apps.
In the first sub-app, anybody can surf through without
having to be logged in, but if
Message -
From: Eddie Bush [EMAIL PROTECTED]
To: Struts Users Mailing List [EMAIL PROTECTED]
Sent: Wednesday, July 17, 2002 6:59 PM
Subject: Re: Struts/Container-Managed Authentication Question
I'd recommend putting it to the Tomcat guys, but I'm just about positive
you'd have to use
On Wed, 17 Jul 2002, Mete Kural wrote:
Date: Wed, 17 Jul 2002 18:32:17 -0700 (PDT)
From: Mete Kural [EMAIL PROTECTED]
Reply-To: Struts Users Mailing List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Struts/Container-Managed Authentication Question
Hi,
My Struts-based webapp has
19 matches
Mail list logo