Oh, nice, I'll try to implement this then. I have read a lot about
authorization and authentication and am trying to decide the best
alternative for my struts based application (which can hopefully become my
standard in web app development).
Thank you for the tip, I'll report to say how it is go
Exactly.
(*Chris*)
On 6/29/07, wild_oscar <[EMAIL PROTECTED]> wrote:
Do you mean implementing a HttpServletRequestWrapper and overriding its
isUserInRole so that it finds the user and its roles in the httpsession
(where I stored the Principals)?
Chris Pratt wrote:
>
> It uses the HttpServl
Do you mean implementing a HttpServletRequestWrapper and overriding its
isUserInRole so that it finds the user and its roles in the httpsession
(where I stored the Principals)?
Chris Pratt wrote:
>
> It uses the HttpServletRequest.isUserInRole() method. One way to populate
> this is with a Fi
It uses the HttpServletRequest.isUserInRole() method. One way to populate
this is with a Filter that wraps the request with an
HttpServletRequestWrapper.
(*Chris*)
On 6/29/07, wild_oscar <[EMAIL PROTECTED]> wrote:
I am trying to develop my first web application.
For authentication and autho
I'm not sure of the specifics, this isn't a capability I've used; I just
know it's there ;-)
L.
Adam Hardy wrote:
Something that removes items from collections according to data
visibility constraints declaratively must be quite complex.
Presumably the collections are declared in a Spring-st
Something that removes items from collections according to data
visibility constraints declaratively must be quite complex.
Presumably the collections are declared in a Spring-style context factory?
And then you would have to declare which property of the item provides
the IDs, and you also de
It does rely on Spring, yes, but getting Spring to co-exist with Struts
is trivial; you don't need to change any existing code to do that,
though once you have Spring available you may well find yourself wanting
to take advantage of it ;-)
L.
Raghu Kanchustambham wrote:
On the first cut this
Actually, Acegi does offer what Raghu was looking for (or at least one
possible route to achieving it). One of the things it can do is
automatically filter collections to remove items the current user
shouldn't be allowed to see, so you don't have to bury that kind of
business logic in your dat
Hi Raghu, Laurie,
I did a project recently which used the Acegi security project which
comes bundled with Spring, and although I was never involved in the
implementation of it myself, I heard that it was effective.
Am I correct in assuming though that it does not offer the alternative
that R
On the first cut this looks like authentication/authorization for Spring
framework. Do I need to get struts co-exist with spring for this to work ?
And how much of an effort would that be?
But yes.. this looks quite a powerful and neat concept.
Thanks for refering it.
Regards,
Raghu
On 11/20/
Take a look at the Acegi Security project. It provides *extremely*
powerful declarative security capabilities, upto and including filtering
database query results to exclude things the current user shouldn't be
able to see. It might be exactly what you're looking for.
L.
Raghu Kanchustambham
11 matches
Mail list logo
