Sorry I am wrong :-) It plays nice with the request based info. -----Original Message----- From: Brandon Goodin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 21, 2002 1:53 PM To: Struts Users Mailing List; [EMAIL PROTECTED] Subject: RE: Container-managed authentication not possible
That is a cool project. But, it only "mimics". It has the same terminology associated with it. But it is NOT container managed security. Nor does it integrate (at this point) with many projects that use the container based security check methods like isUserInRole(). so, for example if you are using role checking with tiles it will not be able to locate the role and user information generated by SecurityFilter because it does not use container managed security. I wrote a SecurityFilter that interacts with an action to take advantage of container based security. It allows for auto-login, login from any page, and url based security. But the code is not very clean and is Tomcat specific. I am waiting for the ServletSpec to come up to par. Meanwhile my "SecurityFilter" is working and using container based security and I would rather stay tied to container managed security with all it's inflexibilities because it allows me to abstract my security from my app. Just my rambling thoughts, Brandon Goodin Phase Web and Multimedia P(406)862-2245 F(406)862-0354 http://www.phase.ws -----Original Message----- From: Todd G. Nist [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 21, 2002 2:46 PM To: 'Struts Users Mailing List' Subject: RE: Container-managed authentication not possible You may want to take a look at the SecurityFilter project on SourceForge.net by Max Cooper. Summary form site: "SecurityFilter is a Java Servlet Filter that mimics the behavior and configuration format of container managed security, with several development and deployment advantages." See the Home Page http://securityfilter.sourceforge.net at for more details. Regards, Todd G. Nist -----Original Message----- From: Brandon Goodin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 21, 2002 2:48 PM To: Struts Users Mailing List Subject: RE: Container-managed authentication not possible You can implement container managed security in web.xml only if it has been setup within the server.xml under your host settings. Brandon Goodin Phase Web and Multimedia P(406)862-2245 F(406)862-0354 http://www.phase.ws -----Original Message----- From: Elderclei R Reami [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 21, 2002 3:44 PM To: [EMAIL PROTECTED] Subject: Container-managed authentication not possible Hi Friends, It's been a month developing in struts, and the party's been pretty good. I'm just finishing my first application (30 jsps, actions, and so on), and now I'm including some security in it. I'm in trouble regarding authentication, because my client's ISP does not let me change server.xml configs, probably because they use virtual hosting. My question is: is it possible to configure container-managed authentication using the web.xml? Or must I implement my own authentication? Cheers, Elderclei R Reami Vertis Tecnologia +55 11 3887-0835 www.vertisnet.com.br -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
