Re: Struts Security

2005-01-26 Thread Nic Holbrook
I forgot to mention the reason I did this was because we already had a security mechanism in place and didn't have the liberty of using realms on the web or anything like that. It had to be a custom configuration. Nic Holbrook wrote: I kind of set our security up before the struts menu w

Re: Struts Security

2005-01-26 Thread Nic Holbrook
I kind of set our security up before the struts menu was in place. What I have done that seems to work well so far is extend the Action class with a SecureAction class that validates the users role before it lets the user into an action. The execute method actually validates and calls an abst

Re: Servlet filter

2004-06-04 Thread Nic Holbrook
I actually extended the Action class with a SecureAction class and created a Secure Action Mapping. All actions that need to be secured extend this class. In the struts config I have for each action. This way I validate at the role level for each action. This works great since we build menu