and more
> > http://www.manning.com/wannemacher
> >
> >
> > -----
> > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> > For additional commands, e-mail: user-h...@struts.apache.org
>
more
> http://www.manning.com/wannemacher
>
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
>
>
--
View this mes
On Wednesday 04 February 2009 05:56:24 alee amin wrote:
> I browsed through struts official site to check for any plugin available or
> security mechanism to authenticate the user. but i could not find one. can
> anyone guide me what are teh ways to implement the security constraints
> (user securi
I browsed through struts official site to check for any plugin available or
security mechanism to authenticate the user. but i could not find one. can
anyone guide me what are teh ways to implement the security constraints
(user security) on application.
..alee
http://techboard.wordpress.com
NOT get today
off as a paid holiday)
Martin-
- Original Message - From: "Eddie Bush" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List"
Sent: Monday, May 30, 2005 2:10 AM
Subject: Re: Security in Struts
Adam,
Nothing put me off CMA :-) I think it's fa
27;re not the only one that does NOT get today off
as a paid holiday)
Martin-
- Original Message -
From: "Eddie Bush" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List"
Sent: Monday, May 30, 2005 2:10 AM
Subject: Re: Security in Struts
Adam,
Nothing p
a year - can't change everyone overnight
;-)
Happy Memorial Day Everyone! :-D ... back to work Tuesday :-( ... vacation
coming soon though! :-D
Later :-)
Eddie
- Original Message -
From: "Adam Hardy" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List"
Sent
Eddie,
what put you off CMA?
if you don't mind me asking.
Adam
On 28/05/05 19:00 Eddie Bush wrote:
Tarek,
Java provides a standard mechanism for you to tell if the person
accessing your application has a certain permission. This is available
through request.isUserInRole(String). Unfortunat
Hi Eddie,
Thanks a lot for such an enlightening explanation.
-Original Message-
From: Eddie Bush [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 28, 2005 10:01 PM
To: Struts Users Mailing List
Subject: Re: Security in Struts
Tarek,
Java provides a standard mechanism for you to tell if
t was easier for me to grow my own than write an adapter and have
to learn how to use SecurityFilter. That may not be the case for you.
Hope that helps!
Eddie Bush
- Original Message -
From: "tarek.nabil" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List&quo
On 5/26/05, Durham David R Jr Ctr 805 CSPTS/SCE
<[EMAIL PROTECTED]> wrote:
> > Thanks David. But it seems that this framework only works with
> > Spring, and we're not using Spring.
>
> It works with Struts MVC, but yes, you'll likely need Spring to
> configure the filters, and to do some proxying
> Thanks David. But it seems that this framework only works with
> Spring, and we're not using Spring.
It works with Struts MVC, but yes, you'll likely need Spring to
configure the filters, and to do some proxying for the "button" level
access.
- Dave
--
Thanks David. But it seems that this framework only works with Spring,
and we're not using Spring.
-Original Message-
From: Durham David R Jr Ctr 805 CSPTS/SCE
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 25, 2005 6:45 PM
To: Struts Users Mailing List
Subject: RE: Security in S
[EMAIL PROTECTED]
Sent: Wednesday, May 25, 2005 4:09 PM
To: Struts Users Mailing List
Subject: Re: Security in Struts
Hi Tarek,
If you want action level security, just write a base action that
authenticates the user, and which all other actions extend. In the base
action, if the user is valid,
> Are there any widely used approaches or best practices that we
> can follow?
The acegi security framework offers a widely used approach:
http://acegisecurity.sourceforge.net/
- Dave
-
To unsubscribe, e-mail: [EMAIL PROTECT
Hi Tarek,
If you want action level security, just write a base action that
authenticates the user, and which all other actions extend. In the base
action, if the user is valid, then processing continues. Otherwise, the
user is redirected to the logged-out page. I would put this logic in
th
Hello Tarek,
I'd say front your application with a Servlet Filter that checks for
the security of the current page against security runles defined in
database/XML and probably cached for the current session to avoid
hitting database for every request.
ATTA
On 5/25/05, tarek.nabil <[EMAIL PROTECT
Hi everyone,
We're building a project using Struts and are about to start on the
security module. The requirements are that security should be fine
grained, which means that it can not be on the module level, but rather
on the JSP or Action level. Actually, the users might ask for security
on the
t; Paul
Craig
>
> -Original Message-
> From: Craig McClanahan [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 09, 2005 3:39 PM
> To: Struts Users Mailing List; Jeff Beal
> Subject: Re: Sample Code for Desclarative Security in Struts
>
> On 5/9/05, Jeff Beal <[EMAIL P
> > They seem to be capable of more fine tuned access control
>
> You're talking about URL filtering, yeah, definitely.
Just to clarify, you're talking about security beyond URL filtering
providing more fine tuned access control. I concur.
- Dave
--
> Is there any particular reason why custom logins are not favored
> over using this sort of approach?
I think it comes down to standards and the relative difficulties
associated with implementing security. But, as far as favorites go,
everyone has them.
> They seem to be capable of more fin
lto:[EMAIL PROTECTED]
Sent: Monday, May 09, 2005 3:39 PM
To: Struts Users Mailing List; Jeff Beal
Subject: Re: Sample Code for Desclarative Security in Struts
On 5/9/05, Jeff Beal <[EMAIL PROTECTED]> wrote:
> Solution 1: I don't believe there has to be any correlation between
> your
Is there any particular reason why custom logins are not favored over
using this sort of approach? They seem to be capable of more fine
tuned access control and can easily be relegated to a common solution
for different needs.
On 5/9/05, Craig McClanahan <[EMAIL PROTECTED]> wrote:
> On 5/9/05, Je
On 5/9/05, Jeff Beal <[EMAIL PROTECTED]> wrote:
> Solution 1: I don't believe there has to be any correlation between
> your web-resource-collections in your security-constraints and your
> servlet-mappings in web.xml. It seems to be perfectly valid to map
> *.do to ActionServlet (a single servlet
alec <[EMAIL PROTECTED]> wrote:
> Would there be any sample code showing how to use declarative security in
> Struts? I guess this would be a bit tricky as there is only 1 web resource
> to protect (ActionServlet)
>
&
Would there be any sample code showing how to use declarative security in
Struts? I guess this would be a bit tricky as there is only 1 web resource
to protect (ActionServlet)
Appreciate any pointer.
-
To unsubscribe, e-mail
> I'm looking for tutorial about security in Struts...
One of the problems / strengths I noticed with Struts is that there
are so many different ways to implement various things like security
that it can sometimes be difficult to discover which is most suited to
your needs.
I'm sti
Hi all,
I'm looking for tutorial about security in Struts, plz help me to find them
quickly ...
thanks for advance
Anh Tuan
I posted on wiki:
http://wiki.apache.org/struts/ApplicationSecurity
(any FAQ, maybe people create or edit WIKI)
.V
Hari Saptoadi wrote:
Hi All
i'd like to say sorry if someone already asked this question before...
what is best practice implement security in struts apps ?
i'm looking some
Hi All
i'd like to say sorry if someone already asked this question before...
what is best practice implement security in struts apps ?
i'm looking something that similar with acegi security but more suitable with
struts
Chaikin, Yaakov Y (US SSA) wrote:
Hi,
I am pretty new to Struts. Looked through the archives and wasn't sure
what the current answer would be to my question.
Is there a way to use Struts while using the declarative approach to
security? Not to add another user, but simply to secure your applicati
31 matches
Mail list logo
