File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Struts and the fly likes Struts and JDBC/realm Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Struts and JDBC/realm" Watch "Struts and JDBC/realm" New topic
Author

Struts and JDBC/realm

kelly goedert
Greenhorn

Joined: May 14, 2003
Posts: 26
I trying to use roles in my application, like an administrator can do anything and other users cannot. I using JDBC realm for that but it doesn't seem to be working.
Here is my struts-config.xml
<!-- Action Mapping Definitions -->
<action-mappings>
<action path="/login"
type="LoginAction"
name = "loginForm"
scope="request"
input="/index.jsp"
validate="true">
<forward
name="continue"
path="/principal.jsp"/>
<forward
name="erro"
path="/index.jsp"/>
</action>
<action path="/adm"
roles = "adm"
forward = "/adm.jsp">
</action>
<action path="/user"
roles = "user"
forward = "/usr.jsp">
</action>
<action path="/principal"
forward = "/principal.jsp">
</action>
</action-mappings>
And here is my web.xml (the security part)
<security-constraint>
<display-name></display-name>
<web-resource-collection>
<web-resource-name></web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/do/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>adm</role-name>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/index.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
<role-name>adm</role-name>
<role-name>user</role-name>
</security-role>

In my login form the action is called like this
<html:form action="/login">
....
</html:form>
I would like that after the login I would go to principal.jsp and there I would have two links: one to be accessed by adm users and other to be used by the ones with "user" role.
What I'm doing wrong?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Struts and JDBC/realm