This is what I mentioned earlier. We needed more security flexability that what the normal servlet container supports so we had to write our own security handler. The struts framework has a method hook in the RequestProcessor class that will allow you to verify the users access rights for each request. The method is processPreprocess.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 7:34 AM To: Struts Users Mailing List Subject: Re: Best place to hook the Security Call I agree with Alen, but at the same time if all the containers are supporting J2EE security standards then porting to different containers should not be an issue. SecurityFilter as I just browsed through seems interesting but all the latest J2EE containers will have to support Servlet 2.3 for using the same. Alternatively whatif I write my own security piece by looking up LDAP for A&A (authentication and authorization) and this piece would be called from some place in the STRUTS control flow so that for everyrequest security would be validated. Thanks Sreekant G. TCS AMBATTUR "Alen Ribic" <[EMAIL PROTECTED] To: "Struts Users Mailing List" > <[EMAIL PROTECTED]> cc: 08/04/2003 04:25 Subject: Re: Best place to hook the Security Call PM Please respond to "Struts Users Mailing List" If I'm not mistaken, this approach is container specific hence would make deployment on difference container(s) not as smooth as one would wish. I may be wrong so please correct me! I'm not very clued up in this area. ;) I have privilege working with servlet 2.3 and am now using SecurityFilter component (www.securityfilter.org) to handle my auth. Very simple! --Alen >Best place would be using container J2EE security, such as JDBC realms. >[EMAIL PROTECTED] wrote: > Which is the best place to hook the security call for an application in the > STRUTS framework so that for every request security check is made. Does > STRUTS provide integration with any Security framework ? > > thanks in advance. > Sreekant G. > > > > > ------------------------------------------------------------------------ > > This mail was scanned by Interscan Virus Wall of Mailserver at Cathedral Road TCS Chennai > > > > ------------------------------------------------------------------------ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- Vic Cekvenich, Struts Instructor, 1-800-917-JAVA Advanced <a href ="baseBeans.com">Struts Training</a>, mentoring and project recovery in North East. Open Source <a href ="baseBeans.com">Portal Content Management</a> basicPortal software. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
