providing security to struts url through embedded ldap server
posted 12 years ago
hi to all, The problem I'm facing is I have my application deployed in form of ear in weblogic 8.1 and we have provided security through sun one ldap server.. a particular module of the application does not need any security and also needs to communicate to external resource(ex:: somesite.com)the security definition given in web.xml is::
<security-constraint> <display-name>Example Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <role-name>role_name</role-name> <role-name>role_name1</role-name> <role-name>role_name2</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>Example Form-Based Authentication Area</realm-name> <form-login-config> <form-login-page>/jsp/login.jsp</form-login-page> <form-error-page>/jsp/error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <description>An administrator</description> <role-name>role_name1</role-name> </security-role> <security-role> <description>An administrator</description> <role-name>role_name</role-name> </security-role> but this entry in web.xml restricts the other module of my application which needs to communicate to other resource... after I have assigned "everyone" role to the module.. It's a very serious problem and I'm strugling with it for last couple of day's... Please help me out..............!!! any suggestion and sample.. would be a great help.......
thanks in advance...!!! waiting for reply.............