This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes BEA/Weblogic and the fly likes providing security to struts url through embedded ldap server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "providing security to struts url through embedded ldap server" Watch "providing security to struts url through embedded ldap server" New topic
Author

providing security to struts url through embedded ldap server

akshay pandit
Ranch Hand

Joined: Jun 15, 2003
Posts: 44
hi to all,
The problem I'm facing is I have my application deployed in form of ear in weblogic 8.1 and we have provided security through sun one ldap server.. a particular module of the application does not need any security and also needs to communicate to external resource(ex:: somesite.com)the security definition given in web.xml is::

<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>role_name</role-name>
<role-name>role_name1</role-name>
<role-name>role_name2</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>An administrator</description>
<role-name>role_name1</role-name>
</security-role>
<security-role>
<description>An administrator</description>
<role-name>role_name</role-name>
</security-role>
but this entry in web.xml restricts the other module of my application which needs to communicate to other resource... after I have assigned "everyone" role to the module.. It's a very serious problem and I'm strugling with it for last couple of day's...
Please help me out..............!!! any suggestion and sample.. would be a great help.......

thanks in advance...!!!
waiting for reply.............

Akshay Pandit..
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: providing security to struts url through embedded ldap server
 
It's not a secret anymore!