subject:"login mechanism"

Re: login mechanism

2002-12-30 Thread Matt Raible <[EMAIL PROTECTED]>

I have my ActionServlet mapped to "*.do" and an ActionFilter mapped to
that same url-pattern.  In ActionFilter, I check to see if there is a
UserForm in the session, and secondly to see if
request.getRemoteUser() returns null.  If either of these occur, I
call my Business Delegate (UserManager in my case) to get the user's
information. Currently, it talks to a database to get the information,
but it easily could talk to a Directory Server like LDAP.  Here's some
code from my doFilter method:

UserForm userForm = (UserForm)
session.getAttribute(Constants.USER_KEY);
ServletContext ctx = filterConfig.getServletContext();
String username = request.getRemoteUser();

// user authenticated, empty user object
if ((username != null) && (userForm == null)) {
try {
UserManager mgr = new UserManagerImpl((String)
ctx.getAttribute(Constants.DAO_TYPE));
UserForm user = mgr.getUser(username);
session.setAttribute(Constants.USER_KEY, user);
} catch (Exception e) {
log.error("Error getting user's information", e);
e.printStackTrace();

ActionErrors errors = new ActionErrors();
errors.add(ActionErrors.GLOBAL_ERROR,
   new ActionError("errors.general"));

while (e != null) {
errors.add(ActionErrors.GLOBAL_ERROR,
   new ActionError("errors.detail",
e.getMessage()));
e = (Exception) e.getCause();
}

request.setAttribute(Globals.ERROR_KEY, errors);

// forward to the error page
RequestDispatcher dispatcher =
request.getRequestDispatcher("/error.jsp");
dispatcher.forward(request, response);

return; // stop processing
}
}



--- In [EMAIL PROTECTED], usha <[EMAIL PROTECTED]> wrote:
> Hi
> 
> can you tell me briefly how you are using filtes in security-example 
> application.
> 
> Thanks
> usha
> 
> Matt Raible wrote:
> 
> >You could use a filter to map to all your protected resources.  This 
> >is what I do in the security-example application I recently wrote.  
> >You can download the source at:  
> >
> >http://javawebapps.com/downloads/security-example.zip (14MB)
> >
> >HTH,
> >
> >Matt
> >
> >--- In [EMAIL PROTECTED], usha <[EMAIL PROTECTED]> wrote:
> >  
> >
> >>Hi
> >>
> >>Sorry what you mean by proxy. i didn't get you actually i wanted 
> >>
> >>
> >to 
> >  
> >
> >>authenticate logged in user against the users that are there in 
> >>
> >>
> >the 
> >  
> >
> >>database, and when ever they bookmark some page and if they go to 
> >>
> >>
> >that 
> >  
> >
> >>page directly i wanted to display the login page after they login 
> >>sussefully only . right now with form based authentication i am 
> >>
> >>
> >getting 
> >  
> >
> >>this , but i had some drawbacks as i mentioned in the previous 
> >>
> >>
> >mail. is 
> >  
> >
> >>there a standard way i can use for user login checks.
> >>
> >>thanks
> >>usha
> >>
> >>Eddie Bush wrote:
> >>
> >>
> >>
> >>>Write a proxy to retrieve the user data you wish to put in the 
> >>>session. The proxy will check to see if a user has been 
> >>>  
> >>>
> >authenticated 
> >  
> >
> >>>(request.getUserPrincipal() != null), and, if they have, it will 
> >>>  
> >>>
> >check 
> >  
> >
> >>>to see if your user data has been created yet.  If it has, it 
> >>>  
> >>>
> >will 
> >  
> >
> >>>just take it from the session and return it.  If it hasn't, it 
> >>>  
> >>>
> >will 
> >  
> >
> >>>create it, save it to the session, and return it.
> >>>
> >>>That help?
> >>>
> >>>usha wrote:
> >>>
> >>>  
> >>>
> Hi
> 
> i am new to structs. right now i am using in my project form 
> 
> 
> >based 
> >  
> >
> authentication. with this i have some problems like i cannot 
> instantiate some of session veriable upon logging etc. is there 
> 
> 
> >any 
> >  
> >
> standard mechnism for loging using sturcts. i am using JBoss as 
> 
> 
> >my 
> >  
> >
> application server.
> 
> Thanks in advance
> usha.. 
> 
> 
> >>>  
> >>>
> >>
> >>
> >>--
> >>To unsubscribe, e-mail:   
> >>For additional commands, e-mail: 
> >>
> >>
> >
> >
> >--
> >To unsubscribe, e-mail:   
> >For additional commands, e-mail: 
> >  
> >
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: login mechanism

2002-12-29 Thread usha

Hi

can you tell me briefly how you are using filtes in security-example 
application.

Thanks
usha

Matt Raible wrote:

You could use a filter to map to all your protected resources.  This 
is what I do in the security-example application I recently wrote.  
You can download the source at:  

http://javawebapps.com/downloads/security-example.zip (14MB)

HTH,

Matt

--- In [EMAIL PROTECTED], usha <[EMAIL PROTECTED]> wrote:
 

Hi

Sorry what you mean by proxy. i didn't get you actually i wanted 
   

to 
 

authenticate logged in user against the users that are there in 
   

the 
 

database, and when ever they bookmark some page and if they go to 
   

that 
 

page directly i wanted to display the login page after they login 
sussefully only . right now with form based authentication i am 
   

getting 
 

this , but i had some drawbacks as i mentioned in the previous 
   

mail. is 
 

there a standard way i can use for user login checks.

thanks
usha

Eddie Bush wrote:

   

Write a proxy to retrieve the user data you wish to put in the 
session. The proxy will check to see if a user has been 
 

authenticated 
 

(request.getUserPrincipal() != null), and, if they have, it will 
 

check 
 

to see if your user data has been created yet.  If it has, it 
 

will 
 

just take it from the session and return it.  If it hasn't, it 
 

will 
 

create it, save it to the session, and return it.

That help?

usha wrote:

 

Hi

i am new to structs. right now i am using in my project form 
   

based 
 

authentication. with this i have some problems like i cannot 
instantiate some of session veriable upon logging etc. is there 
   

any 
 

standard mechnism for loging using sturcts. i am using JBoss as 
   

my 
 

application server.

Thanks in advance
usha.. 
   

 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 
   



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 
 





--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: login mechanism

2002-12-29 Thread Matt Raible <[EMAIL PROTECTED]>

You could use a filter to map to all your protected resources.  This 
is what I do in the security-example application I recently wrote.  
You can download the source at:  

http://javawebapps.com/downloads/security-example.zip (14MB)

HTH,

Matt

--- In [EMAIL PROTECTED], usha <[EMAIL PROTECTED]> wrote:
> Hi
> 
> Sorry what you mean by proxy. i didn't get you actually i wanted 
to 
> authenticate logged in user against the users that are there in 
the 
> database, and when ever they bookmark some page and if they go to 
that 
> page directly i wanted to display the login page after they login 
> sussefully only . right now with form based authentication i am 
getting 
> this , but i had some drawbacks as i mentioned in the previous 
mail. is 
> there a standard way i can use for user login checks.
> 
> thanks
> usha
> 
> Eddie Bush wrote:
> 
> > Write a proxy to retrieve the user data you wish to put in the 
> > session. The proxy will check to see if a user has been 
authenticated 
> > (request.getUserPrincipal() != null), and, if they have, it will 
check 
> > to see if your user data has been created yet.  If it has, it 
will 
> > just take it from the session and return it.  If it hasn't, it 
will 
> > create it, save it to the session, and return it.
> >
> > That help?
> >
> > usha wrote:
> >
> >> Hi
> >>
> >> i am new to structs. right now i am using in my project form 
based 
> >> authentication. with this i have some problems like i cannot 
> >> instantiate some of session veriable upon logging etc. is there 
any 
> >> standard mechnism for loging using sturcts. i am using JBoss as 
my 
> >> application server.
> >>
> >> Thanks in advance
> >> usha.. 
> >
> >
> 
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: login mechanism

2002-12-29 Thread usha

Hi

Sorry what you mean by proxy. i didn't get you actually i wanted to 
authenticate logged in user against the users that are there in the 
database, and when ever they bookmark some page and if they go to that 
page directly i wanted to display the login page after they login 
sussefully only . right now with form based authentication i am getting 
this , but i had some drawbacks as i mentioned in the previous mail. is 
there a standard way i can use for user login checks.

thanks
usha

Eddie Bush wrote:

Write a proxy to retrieve the user data you wish to put in the 
session. The proxy will check to see if a user has been authenticated 
(request.getUserPrincipal() != null), and, if they have, it will check 
to see if your user data has been created yet.  If it has, it will 
just take it from the session and return it.  If it hasn't, it will 
create it, save it to the session, and return it.

That help?

usha wrote:

Hi

i am new to structs. right now i am using in my project form based 
authentication. with this i have some problems like i cannot 
instantiate some of session veriable upon logging etc. is there any 
standard mechnism for loging using sturcts. i am using JBoss as my 
application server.

Thanks in advance
usha.. 







--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: login mechanism

2002-12-29 Thread Eddie Bush

Write a proxy to retrieve the user data you wish to put in the session. 
The proxy will check to see if a user has been authenticated 
(request.getUserPrincipal() != null), and, if they have, it will check 
to see if your user data has been created yet.  If it has, it will just 
take it from the session and return it.  If it hasn't, it will create 
it, save it to the session, and return it.

That help?

usha wrote:

Hi

i am new to structs. right now i am using in my project form based 
authentication. with this i have some problems like i cannot 
instantiate some of session veriable upon logging etc. is there any 
standard mechnism for loging using sturcts. i am using JBoss as my 
application server.

Thanks in advance
usha.. 

--
Eddie Bush




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

login mechanism

2002-12-29 Thread usha

Hi

i am new to structs. right now i am using in my project form based 
authentication. with this i have some problems like i cannot instantiate 
some of session veriable upon logging etc. is there any standard 
mechnism for loging using sturcts. i am using JBoss as my application 
server.

Thanks in advance
usha..


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: login mechanism

Re: login mechanism

Re: login mechanism

Re: login mechanism

Re: login mechanism

login mechanism

6 matches

Site Navigation

Mail list logo

Footer information