Mike, I have it up and running. The link to source was provided by Dan: http://securityfilter.sourceforge.net/, click on Files link on the bottom.
Search archives, there is an example of setting it up using catalina JDBCRealm. Very little work is required to get it up and running and makes it tables driven and container independant. Mark. Mike Duffy wrote: > Mark, > > Do you have experience with security filter? Have you examined the > source code? > > I went to SourceForge to get the download. There was a JAR but no > source except for a limited implementation class. > > I would not want to implement a security filter without seeing the > source. > > Can anyone tell me where to find the source? > > Mike > > --- Mark Zeltser <[EMAIL PROTECTED]> wrote: > > Siva, > > > > Take a look at authentication provided by web container. One of the > > reasons to > > use your own authentication is to make it deployable on any > > container. However, > > you can use securityfilter to make this transparent. > > > > Suggestion: search the archives on security/securityfilter. Spend > > some time > > understanding provided authentication mechanism. Usually, there is > > no need to > > reinvent the wheel. > > > > Mark. > > > > > > "Jagadeesan,Sivakumar" wrote: > > > > > Mark: > > > > > > It is a very simple system. The user logs into the system. The > > user role is > > > based on the what kind of membership that user is in. So the role > > for a user > > > will keep changing. So the only place I thought I could map the > > user to role > > > is in database. So it will be pure business logic rather then > > something I do > > > in deployment time. > > > > > > If I am wrong in my approach pls let me know how I could do this > > thanx > > > > > > --Siva Jagadeesan > > > > > > -----Original Message----- > > > From: Mark Zeltser [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, March 27, 2003 5:02 PM > > > To: Struts Users Mailing List > > > Subject: Re: Actions based on Role > > > > > > Why do you want to have your own authentication system? > > > > > > Mark. > > > > > > "Jagadeesan,Sivakumar" wrote: > > > > > > > I guess I have to do that way > > > > So I have manually chk every time whether that user is > > authorized to > > > access > > > > this Action, rather then having it in struts-config.xml which > > is more > > > > configurable > > > > > > > > -----Original Message----- > > > > From: Edgar Dollin [mailto:[EMAIL PROTECTED] > > > > Sent: Thursday, March 27, 2003 4:55 PM > > > > To: 'Struts Users Mailing List' > > > > Subject: RE: Actions based on Role > > > > > > > > If you use a filter, to filter actions based on role, the > > action wouldn't > > > > have to know about security. If your authentication sticks the > > user > > > > information into the session, the action could make decisions > > based on the > > > > user information. > > > > > > > > Edgar > > > > > > > > > -----Original Message----- > > > > > From: Jagadeesan,Sivakumar > > > > > [mailto:[EMAIL PROTECTED] > > > > > Sent: Thursday, March 27, 2003 3:50 PM > > > > > To: 'Struts Users Mailing List' > > > > > Subject: Actions based on Role > > > > > > > > > > > > > > > I have web application where users could of three types > > (Roles) > > > > > > > > > > 1) Basic User > > > > > 2) Silver User > > > > > 3) Gold User > > > > > > > > > > According to Type / Role of user some actions could be > > > > > performed or not performed. > > > > > > > > > > I could set in my stuts-config.xml, the role based access in > > > > > Action Element > > > > > > > > > > I am having my own authentication System that uses the > > > > > database . The User table has the userName and also the Role. > > > > > > > > > > I am not sure how could I create a Role that the Action is > > > > > expecting , if I am using my own authentication > > > > > > > > > > Thanx > > > > > --Siva Jagadeesan > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > -- > > > NOTICE: If received in error, please destroy and notify sender. > > Sender does > > > not waive confidentiality or privilege, and use is prohibited. > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > -- > > NOTICE: If received in error, please destroy and notify sender. > > Sender does not > > waive confidentiality or privilege, and use is prohibited. > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > __________________________________________________ > Do you Yahoo!? > Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! > http://platinum.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- NOTICE: If received in error, please destroy and notify sender. Sender does not waive confidentiality or privilege, and use is prohibited. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
