This week's book giveaway is in the OCAJP 8 forum.
We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line!
See this thread for details.
The moose likes Struts and the fly likes Looking for documentation on Roles Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Looking for documentation on Roles" Watch "Looking for documentation on Roles" New topic

Looking for documentation on Roles

Tim Manchester
Ranch Hand

Joined: Nov 03, 2004
Posts: 62

I'm looking for documentation on how to use the 'roles' parameter with ActionMapping. Is anyone aware of where good info on how to use & how it works is located?


- DM_Tim
Jason Menard

Joined: Nov 09, 2000
Posts: 6450
The roles attribute is a comma delimited list of roles that are allowed access to the action. If a user is in one of these roles, access is granted. The default behavior is that these roles use container managed security. So what I'm guessing you really want to find out is how to set up user roles within your container.

Here are a couple of links which might help you get started depending on what your container is:

-Weblogic 8.1

So let's say you've set up roles called "administrator" and "user" for your app, and one of your users's, JohnDoe, has the "administrator" role. Given the following ActionMapping...

...When user JohnDoe authenticates into the system he will be in the role "administrator". When the RequestProcessor processes the request, it will ask the server if the user is in any of the roles allowed by the action as specified in the ActionMapping. Since JohnDoe is in the role of "administrator", he would be allowed access in this case. He would have also been granted access were he in the role of "user". The RequestProcessor may be extended to implement your own custom security if you prefer, instead of container managed security.
[ March 15, 2005: Message edited by: Jason Menard ]
Tim Manchester
Ranch Hand

Joined: Nov 03, 2004
Posts: 62
Wow, that was exactly the info I was looking for. I'll fool with that a bit and see how it works for me.


- DM_Tim
I agree. Here's the link:
subject: Looking for documentation on Roles
It's not a secret anymore!