You've got a middle case youre not mentioning. What's wrong with container managed/declarative security (ex: A JDBCRealm) or something a shade more robust like SecurityFilter?
> -----Original Message----- > From: Adam Lipscombe [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 16, 2004 5:11 AM > To: 'Struts Users Mailing List' > Subject: Newbie: Using Struts with JAAS? > > > Folks, > > > I am struggling to understand how to use JAAS with Struts 1.1 > I need a simple-to-follow example. > > > The requirement is for standard authentication and permission > handling - logging a user in and checking that they have > permission to access an Action or URL. > > Should I use JAAS or home-grown security? > > If I go down the home-grown route logging in a user is no problem. > One way that occurs to me to enforce permissions is to put a > check into each JSP to ensure that the user has the > appropriate role to view that page and redirect if not. > > > What do people think? Is JAAS the way to go? > If JAAS, what are the advantages in a Struts context? > Is there a simple JAAS example somewhere that I can cut and > paste from? > > > > TIA - Adam > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
