After having security interceptor in place, just write a class and
implement those 3 methods:
public class SecurityManager extends J2EESecurityManager implements
SecurityHandler {
protected Boolean hasRole(ActionBean bean, Method handler, String
role) {
}
protected Boolean isUserAuthenticated(ActionBean bean, Method handler) {
}
public Resolution handleAccessDenied(ActionBean bean, Method handler) {
}
}
I think their names and params are self-explanatory.
Then, configure the SecurityManager in web.xml by adding
<init-param>
<param-name>SecurityManager.Class</param-name>
<param-value>com.package.SecurityManager</param-value>
</init-param>
That's all - now You can use @RolesAllowed anotation on every action
method that needs access limited.
This stuff - and much, much more - I've learned from Freddy's book, I am
not affiliated with him by any means, but I highly recommend the book to
everyone.
HTH
Grzegorz
W dniu 18.09.2010 18:17, Thomas Menke pisze:
> Hi @ll,
>
> I am currently trying to implement an authentication system for a small
> web application. The article "Security Interceptor for custom
> authorization" sounds promising to me but unfortunately it says "On how
> to setup security authorization/authentication for
> org.stripesstuff.plugin.security.J2EESecurityManager, see the Servlet
> spec 2.4 and your servlet container documentation."
>
> I searched the web for the specs and started to read read trough the
> section that I thought is relevant for this. I found a lot of documents
> that state that everything that I want to do is possible, but I never
> figured out how to actually implement the authentication.
>
> Any hints?
>
> Thomas
>
> ------------------------------------------------------------------------------
> Start uncovering the many advantages of virtual appliances
> and start using them to simplify application deployment and
> accelerate your shift to cloud computing.
> http://p.sf.net/sfu/novell-sfdev2dev
> _______________________________________________
> Stripes-users mailing list
> Stripes-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/stripes-users
>
------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
