I would like a tutorial on integrating JAAS in Struts 2 too. Or rather than a tutorial, I would like to see some working code. I've done a lot of reading (I'm new to Java web applications; it's been only a month since I started) and I have some understanding of how this should work, but I just can't picture it yet in a real app.

I know I'm not being helpful here, sorry. But if anyone wants to write a tutorial on this, it would be greatly appreciated.

Regards,
Eugen Stoianovici

Muhammad Momin Rashid wrote:
Hello Tom,

Thanks for your continued input. The application isn't simple; it is a J2EE application which will serve a large number of users (users will be using a Web Browser or Mobile Device to access the application).

Based on the help I got on this list, I have been successful in setting up JAAS and authenticating the user.

Now I am just not sure if the user credentials are being kept. Following is the code I wrote which processes the user's login. Can you see what I am missing? I have placed the following code in the execute method of my action, perhaps it isn't the right place?

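import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.SecurityAssociationHandler;

// Body of the action's execute() method; username and password are
// assumed to be populated on the action from the login form.
Subject subject;
Set<Principal> principalList;

String returnValue = SUCCESS;
try
{
    // JBoss callback handler that hands the submitted credentials to the login modules
    SecurityAssociationHandler handler = new SecurityAssociationHandler();
    SimplePrincipal user = new SimplePrincipal(username);
    handler.setSecurityInfo(user, password.toCharArray());

    // Authenticate against the "ContentPlatform" JAAS configuration entry
    LoginContext loginContext = new LoginContext("ContentPlatform", (CallbackHandler) handler);
    loginContext.login();

    // subject and principalList are local to this method call
    subject = loginContext.getSubject();
    principalList = subject.getPrincipals();
    principalList.add(user);
    System.out.println("o0o0o subject:" + subject);
    System.out.println("o0o0o principle:" + principalList);
}
catch (LoginException e)
{
    e.printStackTrace();
    returnValue = ERROR;
}

return returnValue;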


Regards,
Muhammad Momin Rashid.

tom tom wrote:
If it's a simple application, you don't need JAAS. You can do it via just session management, isn't it? You might need user, role, user-role, three tables in the database, that's it :)

If you are using an application server like JBoss, the server itself has built-in features, which is altogether a different discussion.

If the application is simple, do not make it complicated.

We use JAAS with CAS (Central Authentication Service), which provides SSO features.

Hope this helps.

--- Muhammad Momin Rashid <[EMAIL PROTECTED]> wrote:

Hello tom,

I am building a J2EE application that is going to be viewed using Web Browser and Mobile Devices.

I am trying to implement security so that only a logged-in user with the correct role can access the different parts of the application, e.g. a non-logged-in user can only access the public information, a logged-in user can access his private data, and a logged-in admin user can access the admin console.

Regards,
Muhammad Momin Rashid.

tom tom wrote:
What exactly are you trying to do?


--- Muhammad Momin Rashid <[EMAIL PROTECTED]> wrote:

Hello Everyone,

I am looking for a tutorial for integrating JAAS into my Struts 2 + Hibernate Application. Can anyone point me to the right resources?

Is JAAS the best way to go, or are there better alternates? If anyone thinks there are better alternates, can you provide me with the links to relevant tutorials?

Regards,
Muhammad Momin Rashid.



---------------------------------------------------------------------
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
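
Added example, not code from any poster in this thread: one way to keep the authenticated JAAS Subject across requests and check a role on later ones, using the session map that Struts 2 hands to an action implementing SessionAware. The class name SessionAuth, the session key, and the convention that a role shows up as a principal whose name equals the role are assumptions; "ContentPlatform" is the JAAS entry name used in the thread.

```java
import java.util.Arrays;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/** Hypothetical helper: keeps the JAAS Subject in the session map between requests. */
public final class SessionAuth {
    static final String SUBJECT_KEY = "auth.subject"; // assumed session attribute name

    /** Authenticates against "ContentPlatform"; stores the Subject in the session on success. */
    public static boolean login(Map<String, Object> session, String username, char[] password) {
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(username);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password); // callback keeps its own copy
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };
        try {
            LoginContext ctx = new LoginContext("ContentPlatform", handler);
            ctx.login();
            session.put(SUBJECT_KEY, ctx.getSubject()); // available to later requests
            return true;
        } catch (LoginException e) {
            session.remove(SUBJECT_KEY); // a failed login never leaves an old identity behind
            return false;
        } finally {
            Arrays.fill(password, '\0'); // do not keep the clear-text password in memory
        }
    }

    /** True only if a Subject is in the session and one of its principals is named role. */
    public static boolean hasRole(Map<String, Object> session, String role) {
        Object stored = session.get(SUBJECT_KEY);
        return stored instanceof Subject // no Subject in the session: deny by default
            && ((Subject) stored).getPrincipals().stream().anyMatch(p -> p.getName().equals(role));
    }
}
```

Calling hasRole from a Struts 2 interceptor placed in front of the protected actions keeps the check in one place; how role principals are laid out on the Subject depends on the login module in use.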