Can be done using declarative security (using DD) and having the Authenticatio type set to Basic or Form and defining your own Realm for the user-pwd database however as i know of programmatic security , you can create an actionservlet lets say LoginSevlet and in the execute you can call a method(helper)that checks for user authentication:
(if somebody knows how to use Declarative Security without using the tomcat-users.xml file , i ll appreciate that)
-------------------------------------------------------------------------
The code should look something like this
-------------------------------------------------------------------------
class LoginServlet extends Action{
ActionForward execute(ActionMapping map, ActionForm form,HttpServletRequest req, HttpServletResponse res) throws Exception{
LoginForm loginForm=(LoginForm)form;
String user=loginForm.getUser();
String pwd= loginForm.getPwd();
if(isAuthenticated(user,pwd)){
return map.findForward("Success");
}else{
return map.findForward("Failed");
}
}
private isAuthenticated(String user,Sring pwd){
//make database conection and verify user name-password
return true/false;
}
}
------------------------------------------------------------------
This LoginServlet will be called from the <html:form action="loginSerlet">
and should have the following mapping in struts-config.xml file
---------------------------------------------------------------------------
<action
path="/loginServet"
type="com.prakash.LoginServlet">
<forward name="Success" path="/pageOnSuccessfulLogon"/>
<forward name="Failed" path="/backtoLoginPage"/>
</action>
-------------------------------------------------------------------------
-Thanks