RE: What is a better way to check user login?

Tue, 13 Aug 2002 22:10:37 -0700 


| -----Original Message-----
| From: Troy Hart [mailto:[EMAIL PROTECTED]]
| Sent: Tuesday, August 13, 2002 11:27 PM
| To: Struts Users Mailing List
| Subject: Re: What is a better way to check user login?
| 
| This topic has been discussed quite a bit on this list. I think the
| consensus is that you should really use container managed
authentication
| (cma). You should search through the archives for discussions on the
| topic. According to some you would be crazy (or maybe even stupid) to
do
| it any other way. Sometimes you don't have a lot of choice in the
| matter, due to any number of factors, but you will be happy if you can
| bite it off. :-)

Although, there is the issue of managing security where there are no
definitive 'roles' available and security is managed on a per
request/parameter basis.

I'm still trying to piece together how I can implement a Realm for my
project-- possibly bit masking a long or using a float's mantissa in
packing all the data I need into a string to validate as a role ;-)

-Jake

| 
| Good luck,
| 
| Troy
| 
| 
| On Tue, 2002-08-13 at 22:10, Struts Newsgroup (@Basebeans.com) wrote:
| > Subject: What is a better way to check user login?
| > From: "Hu Ji Rong" <[EMAIL PROTECTED]>
| >  ===
| > Hi,
| >
| > I saw various ways to check user login in Struts, but a bit
confused.
| > CheckLogon Tag in Struts example, check user session data, overwrite
the
| > ActionServlet, and so on. Overwrite the ActionServlet maybe also
have
| > problem to migrate to 1.1?
| >
| > Can anyone point to a right way? We have normally form based login
page
| to
| > validate the user.
| >
| > Thanks,
| > JiRong
| >
| >
| >
| > --
| > To unsubscribe, e-mail:   <mailto:struts-user-
| [EMAIL PROTECTED]>
| > For additional commands, e-mail: <mailto:struts-user-
| [EMAIL PROTECTED]>
| >
| 
| 
| 
| --
| To unsubscribe, e-mail:   <mailto:struts-user-
| [EMAIL PROTECTED]>
| For additional commands, e-mail: <mailto:struts-user-
| [EMAIL PROTECTED]>
| 
| ---
| Incoming mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
| 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
 


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
























					Reply via email to