Hi,

You may find some information in
http://pow2acl.sourceforge.net/

Good Luck
Cliff

----- Original Message ----- 
From: "Barnett, Brian W." <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" <user@struts.apache.org>
Sent: Wednesday, January 05, 2005 4:50 AM
Subject: RE: Security question


> Well, I guess I'll proceed with that. Thank you.
>
> -----Original Message-----
> From: Chaikin, Yaakov Y. [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 04, 2005 1:55 PM
> To: 'Struts Users Mailing List'
> Subject: RE: Security question
>
> I don't know of any other way than to programmatically check user's role
> inside your Action's method. There is no way to specify attributes in the
> <url-pattern> of the <security-constraint>. It just doesn't support such
> pattern matching.
>
> Yaakov.
>
> -----Original Message-----
> From: Jim Barrows [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 04, 2005 1:30 PM
> To: Struts Users Mailing List
> Subject: RE: Security question
>
>
> > -----Original Message-----
> > From: Barnett, Brian W. [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, January 04, 2005 11:04 AM
> > To: 'Struts Users Mailing List'
> > Subject: Security question
> >
> >
> > I'm using LookupDispatchAction and role-based security. I
> > want to allow
> > certain roles to access certain dispatches of an action. I'm
> > not sure what
> > the best way to handle this is.
> >
> > Should I create separate Action classes? Is there a slick way
> > to specify
> > "dispatch level" security in web.xml?
>
> The container managed security is handled by URL.  Which might include
> parameters.
> If not you'll have to use one of the dispatch that requires a seperate URL
> to do this.
>
> Alternatively you'll have to put the security checks inside each method.
>
> >
> > Can someone point me to a good article(s) on using role-based
> > security in a
> > struts app that might address these issues?
> >
> > Thanks,
> > Brian
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to