hi adam,
if you want to use an inner java mechanism(included in j2se since java 1.4), well-suited like JAAS,
you should look at http://sourceforge.net/projects/jguard/
jGuard helps you to use easily JAAS, in a pluggable manner, in your j2ee web application.
you can with it,manage access and authentication,with a database.
another advantage is to use the SAME code and configuration with every application server.
hope it helps,
charles.
---------------------
Folks,
I am struggling to understand how to use JAAS with Struts 1.1
I need a simple-to-follow example.
The requirement is for standard authentication and permission handling -
logging a user in and checking that they have permission to access an Action
or URL.
Should I use JAAS or home-grown security?
If I go down the home-grown route logging in a user is no problem.
One way that occurs to me to enforce permissions is to put a check into each
JSP to ensure that the user has the appropriate role to view that page and
redirect if not.
What do people think? Is JAAS the way to go?
If JAAS, what are the advantages in a Struts context?
Is there a simple JAAS example somewhere that I can cut and paste from?
TIA - Adam
