i am trying to use Windows Authentication for my struts project. but i am new to that area. I need to restrict some people by accessing certain jsp pages. And some pages should be allowed only to view but not to edit.How can i restrict different users for view,edit,... for the same page?
I need a way to disable some links in the main page for certain users.(Those who have non administative rights)
please give mea solution or any resources tutorial etc regarding this.
hi manoj u must be having the admin and non admin rights for users in the database or file. just b4 the jsp page opens put a check and disable all the links based on the privileges assigned for the user. for authentication maybe u can use the prompt alert box for comparing the username and password. If that isnt what u wanted then i havent understood ur prob properly.
Life called,so here I am.<br />Cheers<br />Niki.:-)
Does your server support JAAS? If so, there must be a way to use LDAP (or Active Directory Service) login module via login configuration xml file. I think the authentication part is relatively easy if you can configure the login module xml file (server-specific) and security constraints in deployment descriptor file correctly. However, tricky part is the authorization because you want fine-grained control.
You can either create fine-grained roles in LDAP or use combination of roles defined in LDAP and page access attributes (read-only or edit) stored in database. When user logs in, you probably want to gather user's role info and access attributes to put them in his session. Also, you need to make sure to update the attributes table if a new user account is added to the LDAP server.
Why specifically do you want to use a Windows authentication mechanism? Do you have a requirement for single sign on, or could you tolerate a different mechanism for your app? I ask because single sign on is quite involved and authentication mechanisms provided with container are much easier to get to grips with.
If you do have to use windows for authentication, you've got a couple of routes you can explore. Have a look at the NTLM authentication scheme and download Samba. Alternatively look at Kerberos (and NTLM) and Taglish. Both use JAAS - so if you don't know how that works start by looking at this API.