Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Declarative Security + Front Controller

 
Jared Sprague
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Doesnt the use of the Front Controller design pattern eliminate the possibility of using declarative security? Since with the Front Controller you have one centrailized access servlet into your webapp, all users only request a single web resource, so you cant put constraints on it. Are you forced to use programmatic security if you use a Front Controller?
[ December 13, 2004: Message edited by: Jared Sprague ]
 
Anthony Watson
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using a front controller does not prevent you from using declarative security. Your front controller needs a way to determine which object to delegate the request processing to. This is generally based on the URL in some form or another. You can then apply declarative security to the URL. As one example, lets say you had two request processing classes, ClassA and ClassB. You could set it up so that the controller delegates a client's request to ClassA if the URL looks like the following - http://myServer/myApp/myController/ClassA

Using this approach, you can set up your declarative security like so:

[ December 13, 2004: Message edited by: Anthony Watson ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic