Hello List,
i try figuring out how security will work with struts2. I have an EJB3
application - the frontend will be written using s2.
I added the RolesInterceptor to an action:
----- code ----
<interceptor-ref name="roles">
<param name="allowedRoles">portalUser</param>
</interceptor-ref>
----- code ----
Accessing this action does give me a 403 - thats ok, because I am not logged
in. But how do I login?
My web.xml looks like that:
----- code ----
<login-config>
<auth-method>FORM</auth-method>
<realm-name>MyCustomRealm</realm-name>
<form-login-config>
<form-login-page>/Login_input.action</form-login-page>
<form-error-page>/Login_error.action</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>registered portal user</description>
<role-name>portalUser</role-name>
</security-role>
----- code ----
is this correct? Is it even possible to use FORM-based authentication with
struts2? If not, could you please give me a hint how this will work?
Goal is that the user is presented with the login form if he is not
authenticated - if he logged in successfully within that form, the
intercepted action should continue.
Thanks in advance,
Piero
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
