aspose file tools*
The moose likes BEA/Weblogic and the fly likes providing security to struts url through embedded ldap server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "providing security to struts url through embedded ldap server" Watch "providing security to struts url through embedded ldap server" New topic
Author

providing security to struts url through embedded ldap server

akshay pandit
Ranch Hand

Joined: Jun 15, 2003
Posts: 44
hi to all,
The problem I'm facing is I have my application deployed in form of ear in weblogic 8.1 and we have provided security through sun one ldap server.. a particular module of the application does not need any security and also needs to communicate to external resource(ex:: somesite.com)the security definition given in web.xml is::

<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>role_name</role-name>
<role-name>role_name1</role-name>
<role-name>role_name2</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>An administrator</description>
<role-name>role_name1</role-name>
</security-role>
<security-role>
<description>An administrator</description>
<role-name>role_name</role-name>
</security-role>
but this entry in web.xml restricts the other module of my application which needs to communicate to other resource... after I have assigned "everyone" role to the module.. It's a very serious problem and I'm strugling with it for last couple of day's...
Please help me out..............!!! any suggestion and sample.. would be a great help.......

thanks in advance...!!!
waiting for reply.............

Akshay Pandit..
 
jQuery in Action, 2nd edition
 
subject: providing security to struts url through embedded ldap server