Hello List, i try figuring out how security will work with struts2. I have an EJB3 application - the frontend will be written using s2.
I added the RolesInterceptor to an action: ----- code ---- <interceptor-ref name="roles"> <param name="allowedRoles">portalUser</param> </interceptor-ref> ----- code ---- Accessing this action does give me a 403 - thats ok, because I am not logged in. But how do I login? My web.xml looks like that: ----- code ---- <login-config> <auth-method>FORM</auth-method> <realm-name>MyCustomRealm</realm-name> <form-login-config> <form-login-page>/Login_input.action</form-login-page> <form-error-page>/Login_error.action</form-error-page> </form-login-config> </login-config> <security-role> <description>registered portal user</description> <role-name>portalUser</role-name> </security-role> ----- code ---- is this correct? Is it even possible to use FORM-based authentication with struts2? If not, could you please give me a hint how this will work? Goal is that the user is presented with the login form if he is not authenticated - if he logged in successfully within that form, the intercepted action should continue. Thanks in advance, Piero --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]