On Wed, 14 Aug 2002, Jacob Hookom wrote:
> Date: Wed, 14 Aug 2002 00:33:18 -0500
> From: Jacob Hookom <[EMAIL PROTECTED]>
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: 'Struts Users Mailing List' <[EMAIL PROTECTED]>
> Subject: RE: What is a better way to check user login?
>
>
>
> | -----Original Message-----
> | From: Troy Hart [mailto:[EMAIL PROTECTED]]
> | Sent: Tuesday, August 13, 2002 11:27 PM
> | To: Struts Users Mailing List
> | Subject: Re: What is a better way to check user login?
> |
> | This topic has been discussed quite a bit on this list. I think the
> | consensus is that you should really use container managed
> authentication
> | (cma). You should search through the archives for discussions on the
> | topic. According to some you would be crazy (or maybe even stupid) to
> do
> | it any other way. Sometimes you don't have a lot of choice in the
> | matter, due to any number of factors, but you will be happy if you can
> | bite it off. :-)
>
> Although, there is the issue of managing security where there are no
> definitive 'roles' available and security is managed on a per
> request/parameter basis.
>
> I'm still trying to piece together how I can implement a Realm for my
> project-- possibly bit masking a long or using a float's mantissa in
> packing all the data I need into a string to validate as a role ;-)
>
Defining what your needs are would be a good starting point :-). Without
that, I don't see how you can make any architectural decisions about how
to support your security requirements.
> -Jake
Craig
>
> |
> | Good luck,
> |
> | Troy
> |
> |
> | On Tue, 2002-08-13 at 22:10, Struts Newsgroup (@Basebeans.com) wrote:
> | > Subject: What is a better way to check user login?
> | > From: "Hu Ji Rong" <[EMAIL PROTECTED]>
> | > ===
> | > Hi,
> | >
> | > I saw various ways to check user login in Struts, but a bit
> confused.
> | > CheckLogon Tag in Struts example, check user session data, overwrite
> the
> | > ActionServlet, and so on. Overwrite the ActionServlet maybe also
> have
> | > problem to migrate to 1.1?
> | >
> | > Can anyone point to a right way? We have normally form based login
> page
> | to
> | > validate the user.
> | >
> | > Thanks,
> | > JiRong
> | >
> | >
> | >
> | > --
> | > To unsubscribe, e-mail: <mailto:struts-user-
> | [EMAIL PROTECTED]>
> | > For additional commands, e-mail: <mailto:struts-user-
> | [EMAIL PROTECTED]>
> | >
> |
> |
> |
> | --
> | To unsubscribe, e-mail: <mailto:struts-user-
> | [EMAIL PROTECTED]>
> | For additional commands, e-mail: <mailto:struts-user-
> | [EMAIL PROTECTED]>
> |
> | ---
> | Incoming mail is certified Virus Free.
> | Checked by AVG anti-virus system (http://www.grisoft.com).
> | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> |
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
>
>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
