my dog learned polymorphism
The moose likes Struts and the fly likes Struts 2.0 with authentication security (JAAS?) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Struts 2.0 with authentication security (JAAS?)" Watch "Struts 2.0 with authentication security (JAAS?)" New topic

Struts 2.0 with authentication security (JAAS?)

Dustin Platter

Joined: Sep 26, 2012
Posts: 7


I wrote a test application using JAAS to provide login authentication and some basic role based authorization. However, we are now looking to incorporate Struts 2.0 into our application. However, my attempts to combine the code from their respective web.xml has not panned out. It seems I can use the JAAS security constraints or the struts filter, but not both. Does anyone have any experience with this or can point to a good resource for guidance. I have a basic understanding of Struts and am very new to the whole security aspect.

If it helps we are using a Wildfly 8 web server.

Thank you
Joe Ess

Joined: Oct 29, 2001
Posts: 9190

A Struts 2.0 (well, 2.3.x) web app certainly can use JEE standard security. JAAS is one piece of that puzzle.
See the JEE Tutorial for more on how to best secure JEE and Struts apps. If you still have problems or questions, you'll have to give us more information on your configuration and the errors you are receiving.

[How To Ask Questions On JavaRanch]
I agree. Here's the link:
subject: Struts 2.0 with authentication security (JAAS?)
It's not a secret anymore!