When you specify a constraint on a resource within a webapp via web.xml settings, you specify what group the constraint references. Within your container you specify which groups are a part of what groups (the former is a standard part of the servlet spec, the later is specific to whichever container you are working with).
The call to request.isUserInRole() accepts a String as a parameter, which is the name of a role (which is synonymous with group by the way). So, if you define an "Admin" group, and put two users in the group, you can do request.isUserInRole("Admin"), and it will return either true or false, depending on whether the user currently logged in is in the role or not. This can be done from an Action, a filter, a servlet, wherever you like, assuming you have a reference to the current request object. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Tue, June 28, 2005 12:34 pm, Grzegorz Stasica said: > hi, > > Actinally my question is how to access container from struts action but > if I know how isUserInRole is working I'll be able to solve my main > problem which is: > Is it possible to access container from action. I'm using securityfilter > which extends BaseRealm. In this way I can put additional parameter to > user being authorized but the problem is that I'm not able to access it > from the action. There is only function: request.isUserInRole() but > unfortunatelly I do not know how it works > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]