wood burning stoves 2.0*
The moose likes Struts and the fly likes Struts: Access rights Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Struts: Access rights" Watch "Struts: Access rights" New topic
Author

Struts: Access rights

Lakshmanan NS
Greenhorn

Joined: Apr 02, 2003
Posts: 20
Hi all,
Does anybody used / come across any framework or pattern which deals with access rights in struts. I am looking at something like given a URL and an event, we can define access rights for the logged in user whether he/she can access this functionality or not. Any thougts?
Lakshmanan
Darryl A. J. Staflund
Ranch Hand

Joined: Oct 06, 2002
Posts: 303
Hi there,
I am not sure of the exact type of authorization you are looking to put in place with your Struts application but I hope the following personal findings might be helpful:
1. User authentication is best implemented using JAAS.
2. Role-based authorization is best implemented using security configuration files. It can also be used in conjunction with Struts as described below.
3. Struts 1.1 implements action-based authorization. If you take a look at the struts-config.xml 1.1 DTD, you'll find that you authorize certain roles to execute Struts actions while denying others.
4. Struts 1.1 also impelements tiles-based authorization (if you're using its Tiles component.) In effect, Struts lets you authorize certain roles to display tiles while denying others. Look at the Tiles-related DTDs for more information on it.
5. If you need to perform more complex authorization checks at the action-level, you can subclass the RequestProcessor class and then override the default doRoles method.
Hope this helps.
Darryl
Lakshmanan NS
Greenhorn

Joined: Apr 02, 2003
Posts: 20
Hi
Thanks for the reply. But we are still using Struts 1.0.2 as it is a stable release.
Lakshman
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Struts: Access rights
 
Similar Threads
Unable To Write Image on Web Host Directory
Another little SCWCD competition
finalize method
Applet rights ...
Access Rights