I agree. You should first try Acegi. If your auth needs are very specific, you can always develop a custom interceptor.
Alvaro. On 8/20/07, Zarar Siddiqi <[EMAIL PROTECTED]> wrote: > If you're using Spring, it's probably a great idea to use Acegi > Security to handle authentication/authorization. I can't think of > anything it can't do. > > http://www.acegisecurity.org/ > > There's also Berkano which doesn't do nearly as much as Acegi but can > handle most general AA problems: > > http://berkano.codehaus.org/ > > Zarar > > > On 8/20/07, Roberto Nunnari <[EMAIL PROTECTED]> wrote: > > Hi all. > > > > I need to implement Authentication and Authorization in > > a S2 web application, and before reinventing the wheel, I'd > > like to ask the list for hints and advice. > > > > 1) Is there built-in support in Struts2 for Authentication and > > Authorization? > > > > 2) What are the best practices for AA in S2? > > > > 3) Is JAAS be a practical way in S2? > > > > More details: > > - The application lets the users dynamically register as members > > - In the application, the members can be part of one of two or three > > groups (roles) > > - unauthenticated users can only view some global data > > - authenticated users can change some of their own data > > - authenticated users can view some of other members data > > - the authenticated users can add global content > > - authenticated users in more privileged roles can change some global data > > - authenticated users in the admin role, can do anything > > > > Thank you. > > > > -- > > Robi > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Alvaro Sanchez-Mariscal Arnaiz Java EE Architect & Instructor [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
