This week's giveaway is in the Testing forum.
We're giving away four copies of TDD for a Shopping Website LiveProject and have Steven Solomon on-line!
See this thread for details.
Win a copy of TDD for a Shopping Website LiveProject this week in the Testing forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

looking for a tutotiral regarding security management

 
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi there,

can anyone advise on any tutorial for 'security-management' in terms of users/permissions/subject/groups/roles etc?

I'm fairly new to this subject and wonder where to start. I read about JAAS but it had so much irrelevant info to security-management that I was overwhelmed.

I have a struts application in which I want to give user permission, to view some record and to provide flexibility to 'admin' to assign roles.

Thank you!
 
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
JAAS is a general-purpose framework that's often overkill, especially for web apps that provide a mechanism based on users/roles/permissions define din the servlet spec.

The http://faq.javaranch.com/java/TomcatFaq has some pointers on this in the "How do I implement security for my web application ?" section (it's applicable to other servlet containers as well).
 
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Peter,
Have you had a look at acegi?
I'm currently hooking it up to a struts based application. The learning curve is steep but manageable. However it takes care of a lot of things you have
to consider when wrapping a security layer around a web app.
regards,
Mo

ps- If you do pursue the acegi approach, have a look at Spring in Action book by Craig Walls. It has a good chapter on it
[ February 20, 2008: Message edited by: mo sayed ]
 
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi ,
How to integrate Struts with ACEGI for authentication and Authorization?
Is it possible to integrate ACEGI with Struts1.2?
Please help.

Regards,
Prem
 
Hey! You're stepping on my hand! Help me tiny ad!
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earth
https://coderanch.com/t/751654/free-earth-friendly-heat-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic