If I create multiple struts configurations, do my actions end up having the
prefix in the path, so that they could be secured?
ie.
<action path="/secure/Main_Menu"
name="Dummy_Form"
input="/Main_Menu.jsp"
parameter="default=setup"
type="view.struts.actions.secure.Main_Menu_Action"
validate="false">
<forward name="success" path="/secure/Main_Menu.jsp" />
</action>
OR, is it that the path is part of the directory where the file is stored (the
input attribute of the action or the forward), and the action's path simply
contains a name?
ie.
<action path="/Main_Menu"
name="Dummy_Form"
input="/Main_Menu.jsp"
parameter="default=setup"
type="view.struts.actions.secure.Main_Menu_Action"
validate="false">
<forward name="success" path="/secure/Main_Menu.jsp" />
</action>
If I create the second action in struts-config-secure.xml, will other actions
need a /secure/ prefix in the path like the forward below this?
That's kind of why I asked the original question - I wasn't sure how to proceed
with it, and it seems like Struts modules is the solution. However, after
spending some time with the modules, I ran into issues with it being able to
see images, css files, pages from the global-exceptions entry if within a
subsystem, links on certain pages if they are specific to a module and not
defined there, links to html files in the root context. I also read through
numerous threads on people trying to store entries in WEB-INF and having issues
with modules. What it all boils down to is what I'm asking here:
How do I have three sets of code and set this up with a multiple config file
with some parts secure, some not, and a section reusable by both:
1. ExternalBusinessPartners (needs to be sured)
2. ExternalAnonymous (no security required)
3. Common
I'd really appreciate any additional help anyone can provide.
Thanks again,
Eric
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Paul Benedict
Sent: Sunday, September 30, 2007 8:39 PM
To: Struts Users Mailing List
Subject: Re: [s1.35] Need help with Struts and Modules
Get rid of modules. They aren't worth the hassle. You can easily split up
your struts config without using modules.
On 9/28/07, Givler, Eric <[EMAIL PROTECTED]> wrote:
>
> Can anyone assist with this?
>
> -----Original Message-----
> From: Givler, Eric [mailto:[EMAIL PROTECTED]
> Sent: Saturday, September 22, 2007 1:25 AM
> To: user@struts.apache.org
> Subject: [s1.35] Need help with Struts and Modules
>
>
> Hello,
>
> Let me just say that I'm struggling at times writing my first production
> Struts application. The issue that I'm trying to wrestle with now is that
> part of the application requires security, and part of it should allow
> general access to the public. This sounds like a case for modules (I
> think). So, I separated the code into a main folder, and then two other
> folders (the secure, and another subsystem which is not secure).
>
> If I need to have the unprotected system and the protected system SHARE
> some code as well, I'm assuming I have to keep that in the default module,
> since otherwise, a security constraint would pop up when the unauthenticated
> user tried to hit those pages. If I'm in the authenticated module and I
> want to start a process that's defined in my default module, how would I do
> that?
>
> That is, would it be as simple as adding a link to my JSP in my auth'd app
> pointing back to the unauth'd:
> <html:link module="" path="/StartApp.do" >Start an application
> process</html:link>
>
> Now, I have two users running app entry (one auth'd and one not). If they
> start an application and cancel it, they should return to their prospective
> "subsystem". What am I setting up in my struts-config.xml file(s) to
> handle this, and then in my action class? Can you be specific on this (with
> an example of code)?
>
> I really appreciate any help on this one - Thanks much,
>
> Eric
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
