Hi everybody! I need to configure the login and authorization system in my application. I have struts2 together with jboss and mysql. I found the following information about it: <interceptor name="roles" class="org.apache.struts2.interceptor.RolesInterceptor" /> (http://struts.apache.org/2.x/struts2-core/apidocs/org/apache/struts2/interceptor/RolesInterceptor.html, http://struts.apache.org/2.0.11/docs/interceptors.html), http://www.vitarara.org/cms/struts_2_cookbook/creating_a_login_interceptor. As I understand the logic should be like this: from login.jsp get username and password, then get information about the user from mysql db (I mean confirming information about existence of the user and additional information about roles of the user), then put this information into session, then use RolesInterceptor to define access to the certain action. Am I right? But I have not caught yet how could I put user object (see ref#3 - vitarara...) with information about login, password and roles (which are in the mysql db) into session? RolesInterceptor class has the setAllowedRoles method. Could I use it to define a set of roles for user? How could I Do it? I appreciate any kind of help! Thanx a lot!!!
Sincerely yours, Andrey V. Filippov
