I do this using a Stripes interceptor. Just place the user into the session when logging in and in the interceptor check if the user object is in the session. If you place all your private ActionBeans under a base package you can check if the requested action bean is under this package. if so and the user object is in the session proceed, if the user objects is not in the session, return a redirect resolution to the login page. Richard
On Tue, Jun 23, 2009 at 6:04 PM, phil darley<[email protected]> wrote: > Hi, > > I'm using Oscar's security solution for my ActionBean's and I was > going to use a security constraint within the web.xml file to secure > all my jsp's that sit within a /private/ directory. However I don't > like this solution because it forces me to specify a rolename, I just > want a user to be logged in - not have any specific role - for my app > this would also mean adding a 'base' role to 500+ users. > > Is there a way to configure the SecurityInterceptor to do this i.e. > intercept after the initial resource request, if URL contains > /private/, send forward the SecurityManager. > > Cheers, > Phil > > ------------------------------------------------------------------------------ > Are you an open source citizen? Join us for the Open Source Bridge conference! > Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. > Need another reason to go? 24-hour hacker lounge. Register today! > http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org > _______________________________________________ > Stripes-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/stripes-users > -- Richard Hauswald Blog: http://tnfstacc.blogspot.com/ LinkedIn: http://www.linkedin.com/in/richardhauswald ------------------------------------------------------------------------------ Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org _______________________________________________ Stripes-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-users
