File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Windows Authentication

 
manoj samarasinghe
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

i am trying to use Windows Authentication for my struts project.
but i am new to that area. I need to restrict some people by accessing
certain jsp pages. And some pages should be allowed only to view but not to edit.How can i restrict different users for view,edit,... for the same page?

I need a way to disable some links in the main page for certain users.(Those who have non administative rights)

please give mea solution or any resources tutorial etc regarding this.

thanks
manoj
 
Niki Nono
Ranch Hand
Posts: 256
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi manoj
u must be having the admin and non admin rights for users in the database or file.
just b4 the jsp page opens put a check and disable all the links based on the privileges assigned for the user.
for authentication maybe u can use the prompt alert box for comparing the username and password.
If that isnt what u wanted then i havent understood ur prob properly.
 
Heonkoo Lee
Ranch Hand
Posts: 85
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does your server support JAAS? If so, there must be a way to use LDAP (or Active Directory Service) login module via login configuration xml file. I think the authentication part is relatively easy if you can configure the login module xml file (server-specific) and security constraints in deployment descriptor file correctly. However, tricky part is the authorization because you want fine-grained control.

You can either create fine-grained roles in LDAP or use combination of roles defined in LDAP and page access attributes (read-only or edit) stored in database. When user logs in, you probably want to gather user's role info and access attributes to put them in his session. Also, you need to make sure to update the attributes table if a new user account is added to the LDAP server.

Hope this helps.

Good luck!
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why specifically do you want to use a Windows authentication mechanism? Do you have a requirement for single sign on, or could you tolerate a different mechanism for your app? I ask because single sign on is quite involved and authentication mechanisms provided with container are much easier to get to grips with.

If you do have to use windows for authentication, you've got a couple of routes you can explore. Have a look at the NTLM authentication scheme and download Samba. Alternatively look at Kerberos (and NTLM) and Taglish. Both use JAAS - so if you don't know how that works start by looking at this API.
 
Poobhathy Kannan
Ranch Hand
Posts: 94
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Chris Maeda gives instructions for configuring Tomcat for JAAS-based Windows authentication.

Have a look here


it would help you.
 
Jeroen Wenting
Ranch Hand
Posts: 5093
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sounds more like another "I want my serverside application to access the client computer directly" kind of question...
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic