File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Authentication and Authorization in struts

 
Vidya Gupta
Ranch Hand
Posts: 98
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Hi,

Can anyone tell me how to use authentication and authorization concept in struts ... please help me..

Regards,
Vidya
 
E Armitage
Rancher
Posts: 989
9
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Google JAAS
Maybe Google "Spring security" as well. Compare the two and see which one is most appropriate for your project.
P.S There is no need to include Struts in the searches/posts because there is no need to tie your security implementation to your view framework.
 
Daniel Val
Ranch Hand
Posts: 44
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vidya Gupta wrote:

Hi,

Can anyone tell me how to use authentication and authorization concept in struts ... please help me..

Regards,
Vidya


If you want to do it yourself, I see two options:

1. you use a filter - if user is not authenticated, you redirect to the login page. The filter should be installed for *.jsp and *.do - this will cover all the dynamic content on the site.
2. you don't use a filter. This is not the best approach but it works. Then you need:
- A custom tag you put in all jsp files that can be accessed only while authenticated: inside the tag, you check if the user is authenticated, if not, redirect to the login page
- Except the action associated to the login page, check in each action method whether the user is authenticated, if not, forward to the login page

Obviously the second method requires more work. Personally I use filters for all the authentication needs.
 
William P O'Sullivan
Ranch Hand
Posts: 859
Chrome IBM DB2 Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Good answer Daniel.

WP
 
Mohana Rao Sv
Ranch Hand
Posts: 485
Eclipse IDE Firefox Browser Linux
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Denail explained very well. I would like to add more to it you better follow Filter approach and in Struts2 StrutsPrepareAndExecuteFilter is the centralized request processor so override this filter according to your need's.
 
Consider Paul's rocket mass heater.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic