Those are good pointers. The key is that it all depends on how you are
handling authentication and authorization, since there are so many
possible approaches.
For example, if you use container managed security, setting up the roles
is a matter of configuring your container appropriately. If you're using
a non-'standards based' authentication mechanism (filters, S2
interceptors, or other custom functionality), you'll need to manage
roles yourself. Zoran's pointers should get you on your way in that case.
L.
Zoran Avtarovski wrote:
To achieve this we wrote a custom AuthInterceptor which we added to the
default stack, which adds some core authorisation functionality - add user
object (with roles) to the session, add a custom user menu (based on roles)
to the session and checks authorisation for the action.
It's pretty straight forward with Interceptors. Mark Mernard has an example
on his blog which is a good starting point and WW in Action also has a good
example, just download the source code from the manning site and look for
the sample AuthInterceptor code.
Z.
I would like to populate the user roles from a database during login, but have
not found any examples how to do so in Struts2.
I have found an example how to use RolesInterceptor to secure access to
specific
actions, but no hints on how to populate the roles.
/Flemming
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
