RE: Has anyone integrated SecurityFilter within a Struts app?
Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
Security Filter has a list and there should be some documentation there from when I got it running. I used PostgreSQL but that is not important. this was the important section as I remember: realm className=org.securityfilter.realm.adapter.CatalinaRealmAdapter/ realm className=org.apache.catalina.realm.JDBCRealm realm-param name=driverName value=org.postgresql.Driver/ realm-param name=debug value=99/ realm-param name=connectionURL value=jdbc:postgresql://localhost:5432/basicportal/ realm-param name=connectionName value=bpuser/ realm-param name=connectionPassword value=bp/ realm-param name=userTable value=base_users/ realm-param name=userNameCol value=email_id/ realm-param name=userCredCol value=password/ realm-param name=userRoleTable value=base_users/ realm-param name=roleNameCol value=role_code/ /realm -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
OK. Maybe I'm missing something ... but how do I gain access to the authenticated user? For instance ... once the user has logged in ... I wanted to present them with a page containing their first name ... lame example. D. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:45 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
see getUserPrincipal().getName() in the Servlet API -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:47 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? OK. Maybe I'm missing something ... but how do I gain access to the authenticated user? For instance ... once the user has logged in ... I wanted to present them with a page containing their first name ... lame example. D. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:45 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
Does it make sense to put this logic in the processPreprocess() method of the CustomRequestProcessor? -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 3:02 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? see getUserPrincipal().getName() in the Servlet API -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:47 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? OK. Maybe I'm missing something ... but how do I gain access to the authenticated user? For instance ... once the user has logged in ... I wanted to present them with a page containing their first name ... lame example. D. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:45 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Has anyone integrated SecurityFilter within a Struts app?
John, Thanks a lot .. I'm going to do the logic in the RequestProcessor. Anyway I can retrieve the credentials too? Again ... thanks. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 3:11 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? to do logging? I have seen examples of that. As for just including information in a page why not in an ordinary action? Don't need special RequestProcessor to access the UserPrincipal -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 3:02 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Does it make sense to put this logic in the processPreprocess() method of the CustomRequestProcessor? -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 3:02 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? see getUserPrincipal().getName() in the Servlet API -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:47 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? OK. Maybe I'm missing something ... but how do I gain access to the authenticated user? For instance ... once the user has logged in ... I wanted to present them with a page containing their first name ... lame example. D. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:45 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL
RE: Has anyone integrated SecurityFilter within a Struts app?
Take a look at the Servlet API. there is another method isUserInRole that may be of use http://java.sun.com/products/servlet/download.html -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 3:24 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? John, Thanks a lot .. I'm going to do the logic in the RequestProcessor. Anyway I can retrieve the credentials too? Again ... thanks. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 3:11 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? to do logging? I have seen examples of that. As for just including information in a page why not in an ordinary action? Don't need special RequestProcessor to access the UserPrincipal -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 3:02 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Does it make sense to put this logic in the processPreprocess() method of the CustomRequestProcessor? -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 3:02 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? see getUserPrincipal().getName() in the Servlet API -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:47 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? OK. Maybe I'm missing something ... but how do I gain access to the authenticated user? For instance ... once the user has logged in ... I wanted to present them with a page containing their first name ... lame example. D. -Original Message- From: John Menke [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:45 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? did you have JDBCRealm working without security-fitler? if so look at the template I posted for the securityfilter-config.xml file. Once you get the structure right it should work. SF is a pseudo contained managed security. Not sure how JAAS works with it. -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 2:35 PM To: 'Struts Users Mailing List' Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Here's what I want to do ... Use a JAAS soultion to authenticate/authorize the user. I the same breath ... as the user successfully 'logs'-in, I what to retrieve that users entire info from the DB, create an UserView and place it into the Session. I've succesfully done 3/4 of this in JBoss ... but am unable to retrieve the users crendtials. My thought was to check for the UserView in session ( by extending the RequestProcessor ), and if it didn't exist, retrieve the crendtials, find my user, create the view and store .. otherwise, continue processing. After looking into 'filters', I saw that it my be better to go that way. However, I'm not farmiliar with them and have a bit of a time constraint on my hands. If I could configure the securityFilter to achieve this .. I'd be golden. ( I like the fact that its app server independent as well, I hated coupling myself to JBoss ). Any thoughts would be greatly appreciated. D. -Original Message- From: Dan Payne [mailto:[EMAIL PROTECTED]] Sent: September 18, 2002 2:22 PM To: Struts Users Mailing List Subject: RE: Has anyone integrated SecurityFilter within a Struts app? Darren, I've successfully implemented the SecurityFilter with Tomcat 4.1.10, MySQL and JDBC Realm. Anything I can help you with? -Dan -Original Message- From: Darren Hill [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 7:43 AM To: 'Struts Users Mailing List' Subject: Has anyone integrated SecurityFilter within a Struts app? I'm looking for an example webapp. I've wasted too much time already doing it myself. I've got an app that uses JAAS with JBoss, but its too tightly coupled. And JBoss doesn't have the best documentation. I also need to retrieve and store a UserView upon successful authentication, so that I may grab it from session .. yada yada yada. D. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail