Use container-managed authentication. For your role names, prepend a unique identifier for the application:
BackOfficeApp Roles: BOA_USER BOA_ADMIN JoeBlowApp Roles: JBA_USER JBA_ADMIN DumbApp Roles: DAP_USER DAP_ADMIN I think that covers your needs, doesn't it? You could then, additionally, through the container or the web-app deployment descriptor, specify what the role name prefix is for the application and use that information, combined with standard method calls, to determine who should see what. If you're using Tomcat, but you're not currently using container-managed authentication - AND you're going to keep these folks in a database - take a look at the JDBCRealm. You can also do LDAP (though I have no experience using it) with the JNDIRealm. These (as well as the MemoryRealm - flat-file configuration - not good if you need to update dynamically and have it immediately visible) are "not too hard" to setup. Plus, rather than having to code some "search" algorithm (ack! why?! only if you have special needs is this required - the solution above does not qualify as a "special need"), you can make use of the (tried and true!) code-base that already exists in the JDK for determining who is in what role(s). Container-managed Authentication == Goooooooooooooooooooooood Also, using Tomcat (I can't speak for other servers because I only use TC :-P), you can configure the realm to be there for a context, a (virtual) host, or an entire server. It gives you a great deal of control. HTH, Eddie Rick Reumann wrote: >I'm confused how I can/should handle this in Struts... > >What I need to build (and long story why) is a User Administration >utility and where I'm having trouble fitting this in with struts is in >regard to the following: > >Picture a case where you want to give user's certain roles based on >certain applications. So you'd have: > >BackofficeApp [ select options of possible roles ] >JoeBlowApp [ select options of possible roles ] >DumbApp [ select options of possible roles ] > >The problem is the list of applications is dynamic so I can't hard >code these values into a form bean or in my dynamicActionForm. > >Currently I'm planning on doing this an old fashioned way where after >submission I'll loop through the same dynamic list of applications and >pull up the request parameters based on the values I get back. So for >example somewhere I'd end up doing: > >//while loop through applications >String appValue = request.getParameter( appNameBasedOnCurrentLoopValue ); > //update db for this app name based on value >//continue loop > >Can I have a form bean gather all this data? Or should I just continue >to do it the way I'm doing it? > >Thanks for any comments/help. > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
