When you specify a constraint on a resource within a webapp via web.xml
settings, you specify what group the constraint references.  Within your
container you specify which groups are a part of what groups (the former
is a standard part of the servlet spec, the later is specific to whichever
container you are working with).

The call to request.isUserInRole() accepts a String as a parameter, which
is the name of a role (which is synonymous with group by the way).  So, if
you define an "Admin" group, and put two users in the group, you can do
request.isUserInRole("Admin"), and it will return either true or false,
depending on whether the user currently logged in is in the role or not.

This can be done from an Action, a filter, a servlet, wherever you like,
assuming you have a reference to the current request object.

-- 
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com

On Tue, June 28, 2005 12:34 pm, Grzegorz Stasica said:
> hi,
>
> Actinally my question is how to access container from struts action but
> if I know how isUserInRole is working I'll be able to solve my main
> problem which is:
> Is it possible to access container from action. I'm using securityfilter
> which extends BaseRealm. In this way I can put additional parameter to
> user being authorized but the problem is that I'm not able to access it
> from the action. There is only function: request.isUserInRole() but
> unfortunatelly I do not know how it works
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to