Joseph, modifying the user's permissions (not the struts action mapping), is definitely the way to go. Your app should be able to run with any framework, and so go with the advice I gave.
Also check out http://acegisecurity.org/ Paul Thomas Joseph <[EMAIL PROTECTED]> wrote: Thank you Paul for your comments, Adding/removing Roles, adding/removing users to roles, then permitting/forbidding various actions for these roles is what I want as the main feature of my App. I have an idea of using filter that would do explicit permissions to roles on actions, based on configurations of role-action mappings from the database. How good do you consider this design? Any other/better design choices?? If other frameworks lack this and if this design goes good enough, I would like to roll out this one to the Open Source. :) Thanks for your help and support Thomas Joseph ----- Original Message ----- From: "Paul Benedict" To: "Struts Users Mailing List" Sent: Monday, July 03, 2006 2:48 PM Subject: Re: Changing Role Access to Actions on the Fly > I can say with mild confidence that the action mapping is "frozen" once loaded, and changes to it during runtime cannot be made. Since roles are part of a mapping, it cannot be done. > > But don't let the framework stop you! Just because its automated configuration features are frozen, doesn't mean you can't get around it. If you are willing to perform explicit role checking inside the action, then you can achieve what you're trying to do. Yes, you will be giving up the XML configuration, but, you're doing something very special; I don't even know if *ANY* framework allows something like this. > > In my opinion, you might search for a better solution. Perhaps dynamic role changing is a symptom of a bad design. For instance, instead of changing the role mapping, update the roles the user actually has -- that's usually how security apps work: change the user, not the app :) > > Paul > > Thomas Joseph wrote: I couldnt see any replies, thats why I am adding up these comments. > > Actually I want the application users to create groups (roles), and then > assign access rights to various actions for this group. Later group > membership/access rights should be editable. This should be something like > how we can do in Operating Systems. > > Any help in this regard is highly appriciated. > > Also tell if this is not possible > > Thanks in advance. > > Thomas Joseph > > ----- Original Message ----- > From: "Thomas Joseph" > To: "Struts Users Mailing List" > Sent: Friday, June 30, 2006 5:37 PM > Subject: Changing Role Access to Actions on the Fly > > > > > > Hi all great brains, > > > > I would like my application to use roles to access any actions. However, I > want to make access to these actions > > change while the application is running. User in a role could access a > particular action at one time, but not the > > other time (when change has been made). (I understand that role based > access to the Action Mapping is static.) > > > > Is there any way I can do this.? > > > > Any pointers,... ideas ?? > > > > Thanks in advance!! > > > > Thomas Joseph > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- How low will we go? Check out Yahoo! Messengers low PC-to-Phone call rates.
