I would suggest you take a look at Acegi. It will take a bit of learning but it is definitely worth it.
You can go to http://www.acegisecurity.org to learn more. -----Original Message----- From: Puneet Lakhina [mailto:[EMAIL PROTECTED] Sent: Monday, 9 October 2006 3:40 PM To: Struts Users Mailing List Subject: Re: Role Based Action Mapping On 10/7/06, Wendy Smoak <[EMAIL PROTECTED]> wrote: > > On 10/7/06, Puneet Lakhina <[EMAIL PROTECTED]> wrote: > > Hi, I found out that its possible to for me to restrict access to a > > particular action mapping to only a certain set of roles. > > The next thing that I found out about these roles is that this is > something > > I can configure in my web.xml. > > But what I am not able to understand is how do i set a user's role once > he > > logs in. My authentication is based on usernames and passwords in > database > > table. So where do i set a user's role. > > It depends on how you are authenticating your users. > > Tomcat has Realms you can configure to get the role information from a > database: http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html > > Another option is to add a Filter, wrap the request and override the > isUserInRole method. > > -- > Wendy > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Ok Now i figured the logging in part out. I post to a special name with special names for the user name and password fields. (Does that mean i cant use a struts action for authentication).Now how do i log off a user. As in when the user clicks on the logout link. Im sorry my concepts of container managed security aren't that strong. -- Puneet NOTICE The information in this email and or any of the attachments may contain; a. Confidential information of Cuscal Limited ('Cuscal') or third parties; and or b. Legally privileged information of Cuscal or third parties; and or c. Copyright material of Cuscal or third parties. If you are not an authorised recipient of this email, please contact Cuscal immediately by return email or by telephone on 61-2-8299 9000 and delete the email from your system. We do not accept any liability in connection with any computer virus, data corruption, interruption or any damage generally as a result of transmission of this email. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
