Re: Logon API in struts?

[Mike Thompson]

Ok, so the fairly standard aproach is to authenticate the user by hand and shove the user name into a session attribute that is application defined?  i.e.  session.setAttribute(Constants.USER_KEY, user);   What if I'm using roles and I want to be able to say   request.isUserInRole("ADMIN"); or Principal p = request.getUserPrincipal();   or I have some java beans that snag the princiapl name out of the SessionContext and would like to return different results based on who is making the call?   will this approach work?     --m     ----- Original Message ----- From: Jon.Ridgway To: [EMAIL PROTECTED] Sent: Monday, June 18, 2001 4:57 AM Subject: RE: Logon API in struts? Hi Bob,   User authentication is a tricky one. The struts-example app uses a fairly standard approach. The difficulties start if you choose to use container managed auth. According to Javasoft we should all be aspiring to use Form Based auth. But each container has a different config mechanism and some such as WebSphere don't support standard form based auth at all.   Do you know which web/app server you will be deploying to?   Jon.   -----Original Message----- From: Bob Byron [mailto:[EMAIL PROTECTED]] Sent: 15 June 2001 19:21 To: [EMAIL PROTECTED] Subject: Logon API in struts?   I would like to know from the Struts elite if there are any struts centric facilities to help with login/logout? I just don't want to reinvent the wheel if it is already out there.   The username and password would be entered on the webpage itself and not entered into the user/pass dialog popup (as in the Struts-Admin application).   Thank You, Bob Byron RAD Systems, Inc. www.radit.com (972)516-4256