RE: Changing Role Access to Actions on the Fly
Hi Please mind that http://acegisecurity.org/ works on Spring not Struts. There is possibility to use Struts in Spring but I don't suppose the opposite is possible :-( -Original Message- From: Paul Benedict [mailto:[EMAIL PROTECTED] Sent: Monday, July 03, 2006 2:54 PM To: Struts Users Mailing List Subject: Re: Changing Role Access to Actions on the Fly Joseph, modifying the user's permissions (not the struts action mapping), is definitely the way to go. Your app should be able to run with any framework, and so go with the advice I gave. Also check out http://acegisecurity.org/ Paul Thomas Joseph <[EMAIL PROTECTED]> wrote: Thank you Paul for your comments, Adding/removing Roles, adding/removing users to roles, then permitting/forbidding various actions for these roles is what I want as the main feature of my App. I have an idea of using filter that would do explicit permissions to roles on actions, based on configurations of role-action mappings from the database. How good do you consider this design? Any other/better design choices?? If other frameworks lack this and if this design goes good enough, I would like to roll out this one to the Open Source. :) Thanks for your help and support Thomas Joseph - Original Message - From: "Paul Benedict" To: "Struts Users Mailing List" Sent: Monday, July 03, 2006 2:48 PM Subject: Re: Changing Role Access to Actions on the Fly > I can say with mild confidence that the action mapping is "frozen" once loaded, and changes to it during runtime cannot be made. Since roles are part of a mapping, it cannot be done. > > But don't let the framework stop you! Just because its automated configuration features are frozen, doesn't mean you can't get around it. If you are willing to perform explicit role checking inside the action, then you can achieve what you're trying to do. Yes, you will be giving up the XML configuration, but, you're doing something very special; I don't even know if *ANY* framework allows something like this. > > In my opinion, you might search for a better solution. Perhaps dynamic role changing is a symptom of a bad design. For instance, instead of changing the role mapping, update the roles the user actually has -- that's usually how security apps work: change the user, not the app :) > > Paul > > Thomas Joseph wrote: I couldnt see any replies, thats why I am adding up these comments. > > Actually I want the application users to create groups (roles), and then > assign access rights to various actions for this group. Later group > membership/access rights should be editable. This should be something like > how we can do in Operating Systems. > > Any help in this regard is highly appriciated. > > Also tell if this is not possible > > Thanks in advance. > > Thomas Joseph > > - Original Message - > From: "Thomas Joseph" > To: "Struts Users Mailing List" > Sent: Friday, June 30, 2006 5:37 PM > Subject: Changing Role Access to Actions on the Fly > > > > > > Hi all great brains, > > > > I would like my application to use roles to access any actions. However, I > want to make access to these actions > > change while the application is running. User in a role could access a > particular action at one time, but not the > > other time (when change has been made). (I understand that role based > access to the Action Mapping is static.) > > > > Is there any way I can do this.? > > > > Any pointers,... ideas ?? > > > > Thanks in advance!! > > > > Thomas Joseph > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - How low will we go? Check out Yahoo! Messenger's low PC-to-Phone call rates. Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Changing Role Access to Actions on the Fly
Hi,
Some time ago I was looking for an answer on the same question :)
Here is how I solved this issue.
1) All request goes though SecurityFilter (www.sf.net)
2) Wrapped original request with this one
public class SecurityRequestWrapper extends
org.securityfilter.filter.SecurityRequestWrapper {
public static final char SESSION_ROLE_KEY='@';
public static final String USER_INFO="userInfo";
public SecurityRequestWrapper(HttpServletRequest arg0,
SavedRequest arg1,
SecurityRealmInterface arg2, String arg3) {
super(arg0, arg1, arg2, arg3);
}
public boolean isUserInRole(String roleName) {
if(roleName.charAt(0)==SESSION_ROLE_KEY){
SecurityFilterPrincipal
principal=(SecurityFilterPrincipal)getUserPrincipal();
String
roleKey=(String)getSession().getAttribute(String.valueOf(SESSION_ROLE_KE
Y));
if(principal!=null && roleKey!=null){
Map roleMap=principal.getRoleMap();
List roles=(List)roleMap.get(roleKey);
if(roles!=null){
StringTokenizer tokenizer=new
StringTokenizer(roleName.substring(1),",");
while(tokenizer.hasMoreTokens()){
if(roles.contains(tokenizer.nextToken()))
return true;
}
}
}
return false;
}
return super.isUserInRole(roleName);
}
}
and modified doFilter method to use my Request Object
...
doFilter(...){
HttpServletRequest hReq = (HttpServletRequest) request;
HttpServletResponse hRes = (HttpServletResponse) response;
SecurityRequestWrapper wrappedRequest;
... (the rest is coppied from SecurityFilter sources)
}
3) Created Principal interface implementation in SecurityFilterPrincipal
object with map property holding all userRoles
public class SecurityFilterPrincipal implements Principal,Serializable {
private String name=null;
private HashMap roleMap=null; //roleMap[key]=ArrayList(roles)
..
(just create getter and setters for properties)
}
4) Implemented SecurityRealmInterface interface
public class JDBCSecurityFilterRealm implements SecurityRealmInterface {
..
(find the source of this class in SecurityFilter)
.. change the login function to reflect your situation
(here I load all user roles but into my Principal's roleMap property)
}
5) The most important in all of this is implementation of isUserInRole
function (SecurityRequestWrapper object). The way you check your roles
there are up to you. In my case I put into the session some indicator
telling me which key in the rolesMap is the active one. In this way
although I'm not dynamically removing roles I switch them accordingly to
the situation.
Hope it's what you want.
-Original Message-
From: Paul Benedict [mailto:[EMAIL PROTECTED]
Sent: Monday, July 03, 2006 11:18 AM
To: Struts Users Mailing List
Subject: Re: Changing Role Access to Actions on the Fly
I can say with mild confidence that the action mapping is "frozen" once
loaded, and changes to it during runtime cannot be made. Since roles are
part of a mapping, it cannot be done.
But don't let the framework stop you! Just because its automated
configuration features are frozen, doesn't mean you can't get around it.
If you are willing to perform explicit role checking inside the action,
then you can achieve what you're trying to do. Yes, you will be giving
up the XML configuration, but, you're doing something very special; I
don't even know if *ANY* framework allows something like this.
In my opinion, you might search for a better solution. Perhaps dynamic
role changing is a symptom of a bad design. For instance, instead of
changing the role mapping, update the roles the user actually has --
that's usually how security apps work: change the user, not the app :)
Paul
Thomas Joseph <[EMAIL PROTECTED]> wrote: I couldnt see any
replies, thats why I am adding up these comments.
Actually I want the application users to create groups (roles), and then
assign access rights to various actions for this group. Later group
membership/access rights should be editable. This should be something
like
how we can do in Operating Systems.
Any help in this regard is highly appriciated.
Also tell if this is not possible
Thanks in advance.
Thomas Joseph
- Original Message -
From: "Thomas Joseph"
To: "Struts Users Mailing List"
Sent: Friday, June 30, 2006 5:37 PM
Subject: Changing Role Access to Actions on the Fly
>
>
> Hi all great brains,
>
> I would like my application to use roles to access any actions.
However, I
want to make access to these actions
> change while the applicati
RE: Grid Control
Try this one http://displaytag.sourceforge.net/11/ -Original Message- From: Ahmed Hashim [mailto:[EMAIL PROTECTED] Sent: Friday, June 23, 2006 1:29 PM To: Struts Users Mailing List Subject: Grid Control Dear All, Is there any Grid Struts Tag Lib to display data in table and handle paging and sorting? Regards, Ahmed Hashim -- www.egjug.org http://www.egjug.org/hashimblog/ http://www.jroller.com/page/Hashim In Life, it doesn't matter who you are, but whether someone appreciates you for what you are, accepts you and loves you unconditionally. A Real Friend ( Friendship ) is one who walks in when the rest of the world walks away. Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
XDoclet + struts-config.xml + modules
Hi, Is it possible to generate struts-config.xml for modules? I've two modules in my application handled by one DispatchAction. Unfortunately I can't find a way to indicate that specific mapping is related to another module. By the way is it true that XDoclet for struts doesn't support in 100% DispatchActions? Here I mean local forwards which are multiplied for each action mapping. Here is code snippet * @struts.action input=".capacityHcReport" name="weekForm" parameter="do" path="/fetchCapacityHcReport" scope="session" validate="false" * @struts.action-forward name="capacityHcReport" path=".capacityHcReport" * * @struts.action input=".planFcst" name="weekForm" parameter="do" path="/fetchPlanFcst" scope="session" validate="false" * @struts.action-forward name="planFcst" path=".planFcst" The code generated will have two local forwards for both actions although I wanted to have only one forward for each action Rgs Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Role-Based Menu Navigation
Take a look on http://struts-menu.sourceforge.net/ -Original Message- From: josh t [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 10, 2006 2:34 AM To: user@struts.apache.org Subject: Role-Based Menu Navigation I want to build a role-based nested navigation menu : - Using Struts 1.1 with tiles - My menu.jsp will be used by all other JSPs (extension in the tiles def file) - The roles to build the menu will be retrived from the session. - I don't care about the java script part of the dropdown navigation at this time. I Are there any struts support for this? If not, are there any 'best practices' or sample application for this? For example, is the best solution to just create a MenuAction that gets the roles from the session and populates the drop down menu based on those roles? - How low will we go? Check out Yahoo! Messenger's low PC-to-Phone call rates. Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Add column to table via Javascript/JSTL
Hi, I know it's not directly connected with struts but perhaps somebody will be able to help me. My problem is that I've HTML table with rows/columns as value labels. On the intersection there is a corresponding value. horizontal label 1 vertical label 1 VALUE The number of vertical labels is fixed. On the other hand the number of horizontal labels is dynamic. The Html table DOM model has a addRow() method but there is no corresponding addColumn() :( I'd appreciate any suggestion on how to generate such a table. Rgs Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: StrutsTestCase & Hibernate
hi, Basically I'm interested in testing struts actions (forwards, messages etc). Most of the actions perform some actions on my database which I'd like to speed up. My idea is to isolate database tests from struts action test. There is only one way to achieve it which I see at the moment (mock objects). If I substitute my persistence layer in tests on mocks not only tests will run faster but I'll not have to prepopulate database for each test (even in memory datatabase needs some configuration prior to tests). Unfortunately except idea I've nothing. I've no idea on how to achieve it. Any idea or sample code ? I think the problem is not open and many of you've solved it in one way or another Note: If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.
