File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Extract security configurations from web.xml to external tool? How to? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Extract security configurations from web.xml to external tool? How to?" Watch "Extract security configurations from web.xml to external tool? How to?" New topic
Author

Extract security configurations from web.xml to external tool? How to?

Stanley Walker
Ranch Hand

Joined: Sep 23, 2009
Posts: 87
HI,

My question is how do i avoid mentioning authorization parameters in deployment descriptors, eg how do i perform authorization checks without mentioning security role, security constraints? is there any way in which i can extract the security configurations done in web.xml and configure the same in some tool?
The reason i want to do that are:

1. in a typical application there may be close to 200 url patterns, and multiple security roles. It becomes a very difficult task to rely only on the web.xml parameters.
2. i would also like the capability to alter role access mappings without making any changes in the applications. eg. customer role has access to /Buy.jsp , i also want to grant access to dealer role to /buy.jsp or may be even prevent customer role from accessing /buy.jsp
3. i also do not want to rely heavily on programmatic security because it may end up causing code changes eg: isUserInRole('CUSTOMER') may be required to change to isUserInRole('CUSTOMER')||isUserInRole('DEALER')

Are there any tools available in the market which can meet my needs?

Any help in this matter will be greatly appreciated.
manjesh ipp
Greenhorn

Joined: Jan 01, 2011
Posts: 9
Take a look at Apache product
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Extract security configurations from web.xml to external tool? How to?