It uses the HttpServletRequest.isUserInRole() method. One way to populate this is with a Filter that wraps the request with an HttpServletRequestWrapper. (*Chris*)
On 6/29/07, wild_oscar <[EMAIL PROTECTED]> wrote:
I am trying to develop my first web application. For authentication and authorization, I choose JAAS and followed this guide http://www.mooreds.com/jaas.html http://www.mooreds.com/jaas.html I am also using Struts as my MVC. I am having trouble implementing authorization, though. As far as I've learned, the application can have programmatic or declarative authorization. In struts, a way of programming dynamic authorization is the use of the <logic:present role="xxx"> tag. I was trying to test this. Unfortunately, it seems that struts can't seem to "know" my subject and principals (saved in a session attribute), so whatever the role I try (or user="userxx"), the tag is not displayed. Can anyone send me in the right direction regarding this? Where does struts look for the users and roles? How can I integrate JAAS with this MVC? -- View this message in context: http://www.nabble.com/JAAS-authorization-with-Struts-tf4000073.html#a11360901 Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
