It's not a secret anymore!
The moose likes Struts and the fly likes Struts and JDBC/realm Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Struts and JDBC/realm" Watch "Struts and JDBC/realm" New topic

Struts and JDBC/realm

kelly goedert

Joined: May 14, 2003
Posts: 26
I trying to use roles in my application, like an administrator can do anything and other users cannot. I using JDBC realm for that but it doesn't seem to be working.
Here is my struts-config.xml
<!-- Action Mapping Definitions -->
<action path="/login"
name = "loginForm"
<action path="/adm"
roles = "adm"
forward = "/adm.jsp">
<action path="/user"
roles = "user"
forward = "/usr.jsp">
<action path="/principal"
forward = "/principal.jsp">
And here is my web.xml (the security part)
<!-- Define the context-relative URL(s) to be protected -->
<!-- If you list http methods, only those methods are protected -->
<!-- Anyone with one of the listed roles may access this area -->
<!-- Default login configuration uses form-based authentication -->
<realm-name>Example Form-Based Authentication Area</realm-name>

<!-- Security roles referenced by this web application -->

In my login form the action is called like this
<html:form action="/login">
I would like that after the login I would go to principal.jsp and there I would have two links: one to be accessed by adm users and other to be used by the ones with "user" role.
What I'm doing wrong?
I agree. Here's the link:
subject: Struts and JDBC/realm
It's not a secret anymore!