I wrote a test application using JAAS to provide login authentication and some basic role based authorization. However, we are now looking to incorporate Struts 2.0 into our application. However, my attempts to combine the code from their respective web.xml has not panned out. It seems I can use the JAAS security constraints or the struts filter, but not both. Does anyone have any experience with this or can point to a good resource for guidance. I have a basic understanding of Struts and am very new to the whole security aspect.
A Struts 2.0 (well, 2.3.x) web app certainly can use JEE standard security. JAAS is one piece of that puzzle.
See the JEE Tutorial for more on how to best secure JEE and Struts apps. If you still have problems or questions, you'll have to give us more information on your configuration and the errors you are receiving.