Re: Web Application Security -- Help needed
Hi, You need to define a secruity constaint similar to the following in web application. Once this done, container takes care of the two issues transperantly. Regards, Raja Nagendra Kumar, C.T.O, www.tejasoft.com session-config session-timeout10/session-timeout session-max4096/session-max /session-config security-constraint web-resource-collection web-resource-nameHTMLManger and Manager command/web-resource-name url-pattern/jmxproxy/*/url-pattern /web-resource-collection auth-constraint role-namemanager/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameTomcat Manager Application/realm-name /login-config security-role description The role that is required to log in to the Manager Application /description role-namemanager/role-name /security-role - Original Message - From: SrinivasaReddy [EMAIL PROTECTED] To: Struts Users Mailing List user@struts.apache.org Sent: Tuesday, September 19, 2006 9:37 AM Subject: Web Application Security -- Help needed HI All.., I am developing the Application in Struts+Hibernate, it is an Web Application.I need to apply the security for this applicaiton like -- If Session Timeout over that should redirect to Login page -- After login if we copy the url and open it in new browser, that should redirect to login page Which type of security i need to apply for this... Here all pages are secure pages only. we are using the Sturts tiles to develop the application... Thanks for any help.. Regards Srinivasa Reddy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Web Application Security -- Help needed
HI All.., I am developing the Application in Struts+Hibernate, it is an Web Application.I need to apply the security for this applicaiton like -- If Session Timeout over that should redirect to Login page -- After login if we copy the url and open it in new browser, that should redirect to login page Which type of security i need to apply for this... Here all pages are secure pages only. we are using the Sturts tiles to develop the application... Thanks for any help.. Regards Srinivasa Reddy
Re: Web Application Security -- Help needed
Go for standard Web Security [Form based Authentication] provided by Web Containers. This solution is free. Else, you can use Access Management Solutions by various vendors: SiteMinder, Java Enterprise System Access Manager, IBM Tivoli Access Manager (TAM). Choose a product appropriate to your project criticality and funding available. Thanks and regards, Pazhanikanthan. P (Paz) Consultant for AXA, Senior Software Engineer, HCL Australia Services Pty. Ltd. Off : +61-3-9618-4085 Mob : +61-0411-354-838 SrinivasaReddy [EMAIL PROTECTED] 19/09/2006 02:07 PM Please respond to Struts Users Mailing List To: Struts Users Mailing List user@struts.apache.org cc: Subject:Web Application Security -- Help needed HI All.., I am developing the Application in Struts+Hibernate, it is an Web Application.I need to apply the security for this applicaiton like -- If Session Timeout over that should redirect to Login page -- After login if we copy the url and open it in new browser, that should redirect to login page Which type of security i need to apply for this... Here all pages are secure pages only. we are using the Sturts tiles to develop the application... Thanks for any help.. Regards Srinivasa Reddy _ This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com * Important Note This email (including any attachments) contains information which is confidential and may be subject to legal privilege. If you are not the intended recipient you must not use, distribute or copy this email. If you have received this email in error please notify the sender immediately and delete this email. Any views expressed in this email are not necessarily the views of AXA. Thank you. **