Yep, I did indeed have that in mind. I was planning on blatantly ripping off Wendy's work :)
I'm actually thinking now of a whole customization taglib, which may or may not supercede that, I'm not sure... it's just beginning to take shape in my warped little mind. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Fri, July 15, 2005 9:55 am, Wendy Smoak said: > From: "Aleksandar Matijaca" <[EMAIL PROTECTED]> > >> these roles you mention, are these JAAS roles? I think that JAAS >> roles would be way too much of an overkill for me... > > Definitely not JAAS. And in my case, not even Container-Managed Security > (though it pretends to be). :) > > I have Struts Menu configured to use the result of calling > request.isUserInRole() to decide whether to display a menu item. This is > as > simple as using the "magic" value 'rolesAdapter' in the tag, which causes > it > to use its RolesPermissionsAdapter: > > <menu:useMenuDisplayer name="TabbedMenu" > bundle="org.apache.struts.action.MESSAGE" > permissions="rolesAdapter"> ... > > I didn't look closely, but I'm fairly sure you can plug in a different > PermissionsAdapter if you need to. > > In my case, authorization info is stored in a database [that does not > easily > speak JDBC] underneath a 3rd party telnet app. I have a Filter in front > of > the webapp that gets the authorization info out of the database, places a > 'User' object in the session, and then wraps the request and overrides > isUserInRole(). > > To do this "right" you'd probably want to override getUserPrincipal as > well-- in fact if you can wait a bit, I *think* Frank has in mind to add a > generic, configurable version of this idea to his Java Web Parts project. > > -- > Wendy Smoak > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
