: jeudi 23 août 2007 18:22
À : Struts Users Mailing List
Objet : Re: Authentication and Authorization in S2
What do you mean with "100% Struts 2 security"? As far I know, S2 does
not have anything out-of-the-box regarding security.
In my case, I had to manually develop a login act
protects only *actions* and not data (i.e. which roles can see which
> rows in the database).
>
>
> -Message d'origine-
> De: wild_oscar [mailto:[EMAIL PROTECTED]
> Envoyé: jeudi 23 août 2007 16:15
> À: user@struts.apache.org
> Objet: Re: Authentication and Auth
data (i.e. which roles can see which
rows in the database).
-Message d'origine-
De : wild_oscar [mailto:[EMAIL PROTECTED]
Envoyé : jeudi 23 août 2007 16:15
À : user@struts.apache.org
Objet : Re: Authentication and Authorization in S2
How about AA with Struts2 only?
I'm tryin
How about AA with Struts2 only?
I'm trying to understand Authorization with JAAS, but I'm not being very
successeful. Authentication is taken care of, I use JAAS and a PostgreSQL
database to store users, passwords and roles.
In the end of authentication, I store the subject in the HttpSession:
Thank you very much Zarar and Alvaro for your hints.
Yes. I'm using spring, and I'll take a look at Acegi, and maybe
Berkano, too.
Best regards.
--
Robi.
I'll take a look at the
Alvaro Sanchez-Mariscal wrote:
I agree. You should first try Acegi.
If your auth needs are very specific, you ca
I agree. You should first try Acegi.
If your auth needs are very specific, you can always develop a custom
interceptor.
Alvaro.
On 8/20/07, Zarar Siddiqi <[EMAIL PROTECTED]> wrote:
> If you're using Spring, it's probably a great idea to use Acegi
> Security to handle authentication/authorization
If you're using Spring, it's probably a great idea to use Acegi
Security to handle authentication/authorization. I can't think of
anything it can't do.
http://www.acegisecurity.org/
There's also Berkano which doesn't do nearly as much as Acegi but can
handle most general AA problems:
http://ber
7 matches
Mail list logo
