I can't speak in too much depth about JAAS in general, nor about certain aspects of Acegi, but we've been using Acegi (now Spring Security) in production with a Struts 2 site for a couple of months and we are very pleased with the relative ease of implementation. Without knowing what you want out of a security system I can't really provide more information. We're using Spring Security to access a few simple database tables that provide user authentication and authorization info. I haven't tried integrating it with the client's Active Directory setup yet so I can't speak to clever stuff like that.
jk On Fri, Jun 19, 2009 at 3:20 AM, aum strut <aum.str...@gmail.com> wrote: > Hi All, > > We are on the way to develop a new application using struts2. Currently we > are analysing the area of authentication and authorization, we do have some > options of using the following frame work for these > > 1) Acegi > 2)JAAS > > my point is that we any one in the list is using any of the security frame > work.please let me know about there experiences, so that it will help us in > choosing the right security model. > > regarding the pltfrom we have decided to use is as follows > > 1) Struts2 > 2) JSP/Velocity > 3) Hibernate > 4) YUI > > these are the core building block rest technologies and frame work can be > choosen as required > > looking forward for your valuable suggestions. > > thannks in advance > aum > -- Jim Kiley Senior Technical Consultant | Summa [p] 412.258.3346 http://www.summa-tech.com
