Mark: It is a very simple system. The user logs into the system. The user role is based on the what kind of membership that user is in. So the role for a user will keep changing. So the only place I thought I could map the user to role is in database. So it will be pure business logic rather then something I do in deployment time.
If I am wrong in my approach pls let me know how I could do this thanx --Siva Jagadeesan -----Original Message----- From: Mark Zeltser [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:02 PM To: Struts Users Mailing List Subject: Re: Actions based on Role Why do you want to have your own authentication system? Mark. "Jagadeesan,Sivakumar" wrote: > I guess I have to do that way > So I have manually chk every time whether that user is authorized to access > this Action, rather then having it in struts-config.xml which is more > configurable > > -----Original Message----- > From: Edgar Dollin [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 27, 2003 4:55 PM > To: 'Struts Users Mailing List' > Subject: RE: Actions based on Role > > If you use a filter, to filter actions based on role, the action wouldn't > have to know about security. If your authentication sticks the user > information into the session, the action could make decisions based on the > user information. > > Edgar > > > -----Original Message----- > > From: Jagadeesan,Sivakumar > > [mailto:[EMAIL PROTECTED] > > Sent: Thursday, March 27, 2003 3:50 PM > > To: 'Struts Users Mailing List' > > Subject: Actions based on Role > > > > > > I have web application where users could of three types (Roles) > > > > 1) Basic User > > 2) Silver User > > 3) Gold User > > > > According to Type / Role of user some actions could be > > performed or not performed. > > > > I could set in my stuts-config.xml, the role based access in > > Action Element > > > > I am having my own authentication System that uses the > > database . The User table has the userName and also the Role. > > > > I am not sure how could I create a Role that the Action is > > expecting , if I am using my own authentication > > > > Thanx > > --Siva Jagadeesan > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- NOTICE: If received in error, please destroy and notify sender. Sender does not waive confidentiality or privilege, and use is prohibited. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
