aspose file tools*
The moose likes Struts and the fly likes Exceptions to a default security-constraint Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Exceptions to a default security-constraint" Watch "Exceptions to a default security-constraint" New topic
Author

Exceptions to a default security-constraint

Anders Sjurmann
Greenhorn

Joined: Apr 11, 2008
Posts: 4
Hi
I’ve used Struts2 and Glassfish to create a web-app which has two user roles: user, and admin. I would like all actions to be constrained to the admin role by default, and a subset of the actions to be available to the "basic" user. I guess this can be achieved by for the admin-role. But, and here is the problem, I also have a login-action and a registration-action (register new users) which should be available for everybody, and the *-constraint will not allow this. So is there a way to create a security-constraint which applies to users that are not logged in? Is there a default user-role which applies to users that are not logged in? Or any other way to create an exception to a "default" security-constraint?

Or is the only solution to name all actions explicitly for all constraints, and leave out the register- and login-action (i.e. no "default" security-constraint)

Thanks, Anders
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Exceptions to a default security-constraint