Laurie Harper wrote: > [EMAIL PROTECTED] wrote: >> Hello! >> >> I have got an application, where users are authenticated with ldap firstly. >> >> Afterwards, there will be another database, which defines the roles, the >> user is >> in. When the user is logged in, the roles are read from this table and >> should be >> applied to struts, in order to use afterwards the tag isUserInRole. >> >> My question now is: >> How must I set the roles the user is actually in (a user could be in more >> than >> one role at the same time), after the user has been logged in, that I can use >> the tag isUserInRole in the jsp file for hiding or not some pieces of the >> page? > > 'isUserInRole' is a concept supplied by the standard Servlet APIs. If > you are using container managed security, the details of how you map > roles from your LDAP/database will be specific to the container you use. > If you *don't* use container managed security, the details will be even > less standard :-) > > What authentication / authorization strategy are you implementing? One > way or another you will need to ensure that > HttpServletRequest.isUserInRole() is aware of your authorization data.
That's my problem. I don't use container managed security, but my own one, which is application driven. I think, I have to write my own tag to get the functionality I need. This shouldn't be a problem. Thanks for your hint, kind regards, Andreas Hartmann --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
