This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Struts 2 security

 
E Robb
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there any generally accepted way to provide security to a struts application after login? O have looked through Acegi Security examples but dont really see any way to implement it without putting spring jars in my lib which I would prefer not to do.

Does struts 2 provide some out of the box jar I can implement? Also I noted in Struts 2 in Action there is an example of a custom built inteceptor for the purpose. Is this the generally accepted method? I looked into JAAS but do not want to have to make changes to every jBoss instance the application is running off of.

Could someone give me some feed back on the methods they like for securing a web app and why? Links to examples would be helpful.

Thanks
 
Joe Ess
Bartender
Pie
Posts: 9258
10
Linux Mac OS X Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, Struts 2 does not have any security functionality built-in.
I usually use container-based security. I've seen others using Acegi and implementing custom solutions. It all depends on your particular requirements.
 
E Robb
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Doesnt container based security require changes to the servlet container? If not can you provide a link for simple deployment.

The web site I am working on will be deployed to 100's of containers and I dont want our technical team to have to change the servlet container every time.

thanks,
earl
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic