File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Security" Watch "Security" New topic


Anup Om
Ranch Hand

Joined: Dec 30, 2009
Posts: 62

The struts2 app I am developing uses container based security (<security-constraint> in web.xml). But, the user registration page is unsecure.
Once the user reqisters successfully, he would have to access secured resources to perform further actions. when the user hits the secured resources' url, he is
being asked to authenticate again. I don't want that to happen. If a user is able to register successfully, I want to consider him as a authenticated user.

For now, I am calling HttpServletRequest's login() method to perform authentication in the user registeration action. But, this method is added in Servlet 3.
What are the other alternatives I have? How can I do it with Servlet 2.5?

Thanks for help in advance.

Jesus Mireles
Ranch Hand

Joined: Mar 10, 2010
Posts: 122

Have you looked into using Spring to authenticate you right after the registration
I agree. Here's the link:
subject: Security
It's not a secret anymore!