Re: Authorization Best Practices

2010-07-08 Thread Dale Newfield
This isn't your architecture review board. This is a mailing list supporting struts, just one of many components in your application. Not a single one of your questions relates to struts. -Dale

Re: Authorization Best Practices

2010-07-08 Thread MB
Dale Newfield suggested: "Not a single one of your questions relates to struts." How exactly doesn't "Using Struts 2.x can we do authorization of client request, if yes what are the best practices" apply to Struts? Or we can discuss what practices can be followed to implement this logic using

Re: Authorization Best Practices

2010-07-08 Thread Dale Newfield
On 7/8/10 10:17 AM, MB wrote: Using Struts 2.x can we do authorization of client request, if yes what are the best practices That answer has been given 3 times in this thread: Spring Security. The best practices are to learn about architecture and security, which are completely independent

Re: Authorization Best Practices

2010-07-08 Thread Burton Rhodes
I say we start another thread to discuss more about this discussion. On Thu, Jul 8, 2010 at 9:31 AM, Dale Newfield d...@newfield.org wrote: On 7/8/10 10:17 AM, MB wrote: Using Struts 2.x can we do authorization of client request, if yes what are the best practices That answer has been given

Re: Authorization Best Practices

2010-07-08 Thread Brian Thompson
On Thu, Jul 8, 2010 at 1:09 PM, Burton Rhodes burtonrho...@gmail.com wrote: I say we start another thread to discuss more about this discussion. I think that would fit best in the struts-users-meta list ;) -Brian

Authorization Best Practices

2010-07-07 Thread Amol Ghotankar
Dear List members, Using Struts 2.x can we do authorization of client request, if yes what are the best practices for the same please discuss. Authorization will have two parts 1. decide which actions are allowed and which are not, 2. decide how much data to access. Means if I have a database

Re: Authorization Best Practices

2010-07-07 Thread Dale Newfield
On 7/7/10 7:04 AM, Amol Ghotankar wrote: Authorization will have two parts 1. decide which actions are allowed and which are not, Spring Security. 2. decide how much data to access. Means if I have a database which has 100 rows, then to show 100 or 10 or 50 based on the role of the user

Re: Authorization Best Practices

2010-07-07 Thread Brian Thompson
On Wed, Jul 7, 2010 at 8:31 AM, Dale Newfield d...@newfield.org wrote: Including a notice like this on a request for help sent to a public, archived mailing list is obnoxious.  JSYK, I've been seriously considering instituting a personal policy whereby I will never respond to such messages.

Re: Authorization Best Practices

2010-07-07 Thread Amol Ghotankar
Dear List members, 1. decide which actions are allowed and which are not, What I used was a Spring AOP which intercepted Struts 2 actions, this was very simple and straightforward. 2. decide how much data to access. This I am really working on, something where a Struts 2 interceptor will read what

Re: Authorization Best Practices

2010-07-07 Thread Dale Newfield
On 7/7/10 1:28 PM, Amol Ghotankar wrote: 2. decide how much data to access. This I am really working on, something where a Struts 2 interceptor will read what role the user has and set some global role for that request which will be read by the DAO to use to fetch the data. The interceptor cannot know

Re: Authorization Best Practices

2010-07-07 Thread Ken
On Wed, 2010-07-07 at 13:34 -0400, Dale Newfield wrote: On 7/7/10 1:28 PM, Amol Ghotankar wrote: 2. decide how much data to access. This I am really working on, something where a Struts 2 interceptor will read what role the user has and set some global role for that request which will be read

Re: Authorization Best Practices

2010-07-07 Thread Amol Ghotankar
Dear List member, The issue we are discussing here is Authorization using Struts 2.x. Part 1. How to control access of actions i.e. which actions can be accessed by which user role Part 2. How to control access of data from back end database based on action/user-role. i.e. how much data should

Re: Authorization Best Practices

2010-07-07 Thread Dale Newfield
On 7/7/10 2:11 PM, Ken wrote: This is a hand rolled solution I used: Create an interceptor which checks if a User object exists when accessing a secure package, if it does not exist redirect the user to a login page and record the initial url (will redirect back to that page after login). This

Re: Authorization Best Practices

2010-07-07 Thread Ken
On Wed, 2010-07-07 at 14:40 -0400, Dale Newfield wrote: On 7/7/10 2:11 PM, Ken wrote: This is a hand rolled solution I used: Create an interceptor which checks if a User object exists when accessing a secure package, if it does not exist redirect the user to a login page and record the

Re: Authorization Best Practices

2010-07-07 Thread Dale Newfield
On 7/7/10 2:26 PM, Amol Ghotankar wrote: Part 2. How to control access of data from back end database based on action/user-role. i.e. how much data should be returned through called action, 10 rows, 100 rows or 1000 rows from database, based on user role and/or called action. Whether data

Re: Authorization Best Practices

2010-07-07 Thread Amol Ghotankar
Dear List Members, Lot of theory put here, now let's talk with an example. Let's assume there are three roles a user can have 1. user 2. manager 3. admin Let's assume a simple CRUD use case which has four actions 1. insert 2. update 3. delete 4. list Now A. Part 1. 1. users logged in with user
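A hand-rolled Struts 2 interceptor that covers both Ken's login-redirect check (L64) and the role-to-action policy for the three-role CRUD example Amol sketches above, added here as an illustration. It is not code from anyone in the thread and not part of Struts; the session key names, the `User` class, the `forbidden` result name and the role-to-action table are assumptions made for the example. It only addresses Part 1 (which actions a role may invoke); Part 2 (how many rows come back) is not something an action-level interceptor decides, and the thread's repeated advice to use Spring Security instead of rolling your own still stands.

```java
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

/**
 * Example only: authentication + action-level authorization for a secure package.
 * Deny by default: an action name missing from POLICY is refused for every role.
 */
public class AuthorizationInterceptor extends AbstractInterceptor {

    // Session key under which the login action stores the authenticated user (assumed name).
    public static final String USER_KEY = "user";
    // Session key holding the URL to return to after a successful login (assumed name).
    public static final String RETURN_TO_KEY = "returnTo";
    // Result name mapped to an "access denied" page via a global result (assumed name).
    public static final String FORBIDDEN = "forbidden";

    public enum Role { USER, MANAGER, ADMIN }

    /** Minimal session principal; a real application would store its own domain object. */
    public static final class User {
        public final String name;
        public final Role role;
        public User(String name, Role role) { this.name = name; this.role = role; }
    }

    // Role-to-action policy for the thread's CRUD example (assumed split of permissions).
    private static final Map<String, Set<Role>> POLICY;
    static {
        Map<String, Set<Role>> p = new HashMap<String, Set<Role>>();
        p.put("list",   EnumSet.of(Role.USER, Role.MANAGER, Role.ADMIN));
        p.put("insert", EnumSet.of(Role.MANAGER, Role.ADMIN));
        p.put("update", EnumSet.of(Role.MANAGER, Role.ADMIN));
        p.put("delete", EnumSet.of(Role.ADMIN));
        POLICY = Collections.unmodifiableMap(p);
    }

    /** Pure policy check, kept separate so it can be unit-tested without a Struts runtime. */
    public static boolean isAllowed(Role role, String actionName) {
        Set<Role> allowed = POLICY.get(actionName);
        return allowed != null && allowed.contains(role);
    }

    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        Map<String, Object> session = invocation.getInvocationContext().getSession();
        Object principal = session.get(USER_KEY);

        if (!(principal instanceof User)) {
            // Not logged in: remember the requested URL server-side, then go to the login page.
            // Keeping it in the session (not a request parameter) means the login action later
            // redirects only to a URL this application itself recorded.
            HttpServletRequest request = ServletActionContext.getRequest();
            StringBuilder url = new StringBuilder(request.getRequestURI());
            if (request.getQueryString() != null) {
                url.append('?').append(request.getQueryString());
            }
            session.put(RETURN_TO_KEY, url.toString());
            return Action.LOGIN; // "login", resolved by a global result in the secure package
        }

        User user = (User) principal;
        String actionName = invocation.getProxy().getActionName();
        if (!isAllowed(user.role, actionName)) {
            return FORBIDDEN; // authenticated but not permitted for this action
        }
        return invocation.invoke();
    }
}
```

To wire it in, declare the class under the secure package's `<interceptors>` in struts.xml, put it in a stack ahead of `defaultStack`, and define global results for `login` and `forbidden`. Because the policy is keyed by action name, any action you later map into that package is denied until you add it to the table, which is the failure mode you want; the opposite design (allow unless listed) silently exposes every new action. Note that `list` is permitted for all three roles here, but how many rows `list` returns is still entirely up to the DAO, which is the Part 2 problem the thread leaves open.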