Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

Windows Authentication

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

i am trying to use Windows Authentication for my struts project.
but i am new to that area. I need to restrict some people by accessing
certain jsp pages. And some pages should be allowed only to view but not to edit.How can i restrict different users for view,edit,... for the same page?

I need a way to disable some links in the main page for certain users.(Those who have non administative rights)

please give mea solution or any resources tutorial etc regarding this.

thanks
manoj
 
Ranch Hand
Posts: 256
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi manoj
u must be having the admin and non admin rights for users in the database or file.
just b4 the jsp page opens put a check and disable all the links based on the privileges assigned for the user.
for authentication maybe u can use the prompt alert box for comparing the username and password.
If that isnt what u wanted then i havent understood ur prob properly.
 
Ranch Hand
Posts: 85
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Does your server support JAAS? If so, there must be a way to use LDAP (or Active Directory Service) login module via login configuration xml file. I think the authentication part is relatively easy if you can configure the login module xml file (server-specific) and security constraints in deployment descriptor file correctly. However, tricky part is the authorization because you want fine-grained control.

You can either create fine-grained roles in LDAP or use combination of roles defined in LDAP and page access attributes (read-only or edit) stored in database. When user logs in, you probably want to gather user's role info and access attributes to put them in his session. Also, you need to make sure to update the attributes table if a new user account is added to the LDAP server.

Hope this helps.

Good luck!
 
Bartender
Posts: 10336
Hibernate Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Why specifically do you want to use a Windows authentication mechanism? Do you have a requirement for single sign on, or could you tolerate a different mechanism for your app? I ask because single sign on is quite involved and authentication mechanisms provided with container are much easier to get to grips with.

If you do have to use windows for authentication, you've got a couple of routes you can explore. Have a look at the NTLM authentication scheme and download Samba. Alternatively look at Kerberos (and NTLM) and Taglish. Both use JAAS - so if you don't know how that works start by looking at this API.
 
Ranch Hand
Posts: 94
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Chris Maeda gives instructions for configuring Tomcat for JAAS-based Windows authentication.

Have a look here


it would help you.
 
Ranch Hand
Posts: 5093
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sounds more like another "I want my serverside application to access the client computer directly" kind of question...
 
reply
    Bookmark Topic Watch Topic
  • New Topic