Thanks for the tips, Brandon & Todd. I will have a look at SecurityFilter, as I have no other option, perhaps I'll need to develop my own security control (not good anyway)
Regards. Elder On Wed, 21 Aug 2002 14:02:09 -0600, "Brandon Goodin" <[EMAIL PROTECTED]> escreveu : > De: "Brandon Goodin" <[EMAIL PROTECTED]> > Data: Wed, 21 Aug 2002 14:02:09 -0600 > Para: "Struts Users Mailing List" <[EMAIL PROTECTED]> > Assunto: [CORRECTION]RE: Container-managed authentication not possible > > Sorry I am wrong :-) It plays nice with the request based info. > > -----Original Message----- > From: Brandon Goodin [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 21, 2002 1:53 PM > To: Struts Users Mailing List; [EMAIL PROTECTED] > Subject: RE: Container-managed authentication not possible > > > That is a cool project. But, it only "mimics". It has the same terminology > associated with it. But it is NOT container managed security. Nor does it > integrate (at this point) with many projects that use the container based > security check methods like isUserInRole(). so, for example if you are using > role checking with tiles it will not be able to locate the role and user > information generated by SecurityFilter because it does not use container > managed security. I wrote a SecurityFilter that interacts with an action to > take advantage of container based security. It allows for auto-login, login > from any page, and url based security. But the code is not very clean and is > Tomcat specific. I am waiting for the ServletSpec to come up to par. > Meanwhile my "SecurityFilter" is working and using container based security > and I would rather stay tied to container managed security with all it's > inflexibilities because it allows me to abstract my security from my app. > > Just my rambling thoughts, > Brandon Goodin > Phase Web and Multimedia > P(406)862-2245 > F(406)862-0354 > http://www.phase.ws > > -----Original Message----- > From: Todd G. Nist [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 21, 2002 2:46 PM > To: 'Struts Users Mailing List' > Subject: RE: Container-managed authentication not possible > > > You may want to take a look at the SecurityFilter project on SourceForge.net > by Max Cooper. Summary form site: > > "SecurityFilter is a Java Servlet Filter that mimics the behavior and > configuration format of container managed security, with several > development and deployment advantages." > > See the Home Page http://securityfilter.sourceforge.net at for more > details. > > Regards, > > Todd G. Nist > > > -----Original Message----- > From: Brandon Goodin [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 21, 2002 2:48 PM > To: Struts Users Mailing List > Subject: RE: Container-managed authentication not possible > > > You can implement container managed security in web.xml only if it has been > setup within the server.xml under your host settings. > > Brandon Goodin > Phase Web and Multimedia > P(406)862-2245 > F(406)862-0354 > http://www.phase.ws > > -----Original Message----- > From: Elderclei R Reami [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 21, 2002 3:44 PM > To: [EMAIL PROTECTED] > Subject: Container-managed authentication not possible > > > Hi Friends, > > It's been a month developing in struts, and the party's been pretty good. > I'm just finishing my first application > (30 jsps, actions, and so on), and now I'm including some security in it. > > I'm in trouble regarding authentication, because my client's ISP does not > let me change server.xml configs, > probably because they use virtual hosting. My question is: is it possible to > configure container-managed > authentication using the web.xml? Or must I implement my own authentication? > > Cheers, > Elderclei R Reami > Vertis Tecnologia > +55 11 3887-0835 > www.vertisnet.com.br > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > > Elderclei R Reami Vertis Tecnologia +55 11 3887-0835 www.vertisnet.com.br -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
