• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Authentication and Authorization in struts

 
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


Hi,

Can anyone tell me how to use authentication and authorization concept in struts ... please help me..

Regards,
Vidya
 
Rancher
Posts: 989
9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Google JAAS
Maybe Google "Spring security" as well. Compare the two and see which one is most appropriate for your project.
P.S There is no need to include Struts in the searches/posts because there is no need to tie your security implementation to your view framework.
 
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Vidya Gupta wrote:

Hi,

Can anyone tell me how to use authentication and authorization concept in struts ... please help me..

Regards,
Vidya



If you want to do it yourself, I see two options:

1. you use a filter - if user is not authenticated, you redirect to the login page. The filter should be installed for *.jsp and *.do - this will cover all the dynamic content on the site.
2. you don't use a filter. This is not the best approach but it works. Then you need:
- A custom tag you put in all jsp files that can be accessed only while authenticated: inside the tag, you check if the user is authenticated, if not, redirect to the login page
- Except the action associated to the login page, check in each action method whether the user is authenticated, if not, forward to the login page

Obviously the second method requires more work. Personally I use filters for all the authentication needs.
 
Ranch Hand
Posts: 859
IBM DB2 Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Good answer Daniel.

WP
 
Ranch Hand
Posts: 485
Eclipse IDE Firefox Browser Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Denail explained very well. I would like to add more to it you better follow Filter approach and in Struts2 StrutsPrepareAndExecuteFilter is the centralized request processor so override this filter according to your need's.
 
I want my playground back. Here, I'll give you this tiny ad for it:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic