*
The moose likes Struts and the fly likes Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Security" Watch "Security" New topic
Author

Security

Anup Om
Ranch Hand

Joined: Dec 30, 2009
Posts: 62
Hello,

The struts2 app I am developing uses container based security (<security-constraint> in web.xml). But, the user registration page is unsecure.
Once the user reqisters successfully, he would have to access secured resources to perform further actions. when the user hits the secured resources' url, he is
being asked to authenticate again. I don't want that to happen. If a user is able to register successfully, I want to consider him as a authenticated user.

For now, I am calling HttpServletRequest's login() method to perform authentication in the user registeration action. But, this method is added in Servlet 3.
What are the other alternatives I have? How can I do it with Servlet 2.5?

Thanks for help in advance.


SCJP6
Jesus Mireles
Ranch Hand

Joined: Mar 10, 2010
Posts: 122

Have you looked into using Spring to authenticate you right after the registration
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security
 
Similar Threads
Authentication with JDBC Realms and MVC pattern (Controller servlet)
How to secure servlet in websphere?
Form Authentication not working
login after registration using j_security_check
Java Client for a WS-Secure Jax-WS Web Service