RE: Form-based Authentication

Hi Jon, I know that WebLogic gets rid of these after authentication. --Abraham > -Original Message- > From: Jon.Ridgway [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 13, 2001 1:51 AM > To: [EMAIL PROTECTED] > Subject: RE: Form-based Authentication > > >

RE: Form-based Authentication

On Wed, 13 Jun 2001, Jon.Ridgway wrote: > Hi All, > > Form based auth is something that I have just been looking at, so I thought > I'd add my two pennies worth. > > My login form is using struts html, bean and template tags (no html:form) > and all appears ok. My template has an adapted vers

RE: Form-based Authentication

Hi Jonathan, Snip from http://java.sun.com/j2ee/blueprints/packaging_deployment/descriptors/index.h tml#1035772 'Form-based authentication is the preferred mechanism for authenticating application users in the J2EE platformThe security-constraint element specifies that th

Re: Form-based Authentication

ROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 13, 2001 4:51 AM Subject: RE: Form-based Authentication > Hi All, > > Form based auth is something that I have just been looking at, so I thought > I'd add my two pennies worth. > > My login form is using stru

RE: Form-based Authentication

sion, like tomcat does? Jon. -Original Message- From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]] Sent: 13 June 2001 02:05 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Form-based Authentication On Tue, 12 Jun 2001, Abraham Kang wrote: > Hi Craig, > > Thanks for the cl

RE: Form-based Authentication

On Tue, 12 Jun 2001, Abraham Kang wrote: > Hi Craig, > > Thanks for the clarification. > > I was wondering if you knew of any other way to do pre-processing > before being authenticated and post-processing after authentication > when using the form based authenticatio

RE: Form-based Authentication

, Kurt -Original Message- From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 12, 2001 1:59 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Form-based Authentication On Tue, 12 Jun 2001, Abraham Kang wrote: > RE: Form-based AuthenticationHi Jason, &

RE: Form-based Authentication

Hi Craig, Thanks for the clarification. I was wondering if you knew of any other way to do pre-processing before being authenticated and post-processing after authentication when using the form based authentication. Would filters work here? Sincerely, Abraham > -Original Mess

RE: Form-based Authentication

essing and take > advantage of the containers authentication realm. > WARNING: Although it might be supported by some containers, you are *not* guaranteed by the servlet spec that you can portably play that sort of a game. The spec clearly states that the form login page *must* have an acti

RE: Form-based Authentication

Title: RE: Form-based Authentication Hi Jason,       I should have been clearer.       The only time that you do not want the login-form to specify "j_security_check" as its action is when you want to do some special preprocessing before the user is authenticated.  By forwa

RE: Form-based Authentication

Title: RE: Form-based Authentication Hi Matt and Abraham, I would like to know why you say that you need to specify a login-form that does not have j_security-check as its action?  I am using this as the action and using Struts action classes to do the login? -Original Message

RE: Form-based Authentication

. This servlet will do the pre-processing and then forward the j_username and j_password to j_security_check. If you need post authentication routines then you will have to sniff the session attribute that the requested URL was stored under. In WebLogic this is "_wl_formauth_url". Whe

RE: Form-based Authentication

yes I did this. It works perfectly on tomcat also on resin. JRUN seems to have some problems with this. -Original Message- From: Matt Raible [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 12, 2001 3:14 PM To: [EMAIL PROTECTED] Subject: Form-based Authentication Has anyone implemented

Form-based Authentication

Has anyone implemented form-based authentication and Struts as defined by the J2EE Blueprints? http://java.sun.com/j2ee/blueprints/packaging_deployment/descriptors/index.h tml#1035772 If so, any lessons learned from the appserver you deployed in? Thanks, Matt

RE: Form based authentication

o:[EMAIL PROTECTED]] > Sent: 06 June 2001 08:17 > To: [EMAIL PROTECTED] > Subject: Form based authentication > > > Hi, > > Has anyone used Form based authentication? How does action > ="j_security_check" work? > > Thanks, > Nagalli > >

RE: app server authentication - frames

Hi Pratima, Can you switch to basic authentication? Another alternative is to change the top frame's location with JavaScript in the logon page. --Abraham > -Original Message- > From: Gogineni, Pratima [mailto:[EMAIL PROTECTED]] > Sent: Friday, June 08, 2001 3:45 PM

app server authentication - frames

Hi, I have a question I hoping some one might have some ideas on how to accomplish this ... I am using the appsever based authentication - so I have a html page that login.html. now my welcome page is a frame that has two jsp pages in it. unfortunately when I logon I see the login page in both

RE: Form based authentication

fy a login and error page in the web.xml. Jon. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 06 June 2001 08:17 To: [EMAIL PROTECTED] Subject: Form based authentication Hi, Has anyone used Form based authentication? How does action ="j_security_ch

Form based authentication

Hi, Has anyone used Form based authentication? How does action ="j_security_check" work? Thanks, Nagalli

RE: Where's the best place to do authentication

My view is that authentication is best handled totally outside of struts by the application server. The web deployment descriptor (web.xml) per the j2 spec is specifically designed to remove login mechanics from the developer. I'm running the JBoss/Tomcat at home and weblogic 5.1 at wor

RE: Where's the best place to do authentication

t he > is not authenticated. > > pratima > > -Original Message- > From: Gregor Rayman [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, May 22, 2001 3:59 AM > To: [EMAIL PROTECTED] > Subject: Re: Where's the best place to do authentication > > > "Jon.Ridgwa

RE: Where's the best place to do authentication

s the best place to do authentication "Jon.Ridgway" <[EMAIL PROTECTED]> writes: > Hi Shogo, > > Have a look at the 'example' webapp provided with struts, this uses a taglib > to check the user is logged on, I'm sure you could use/amend it to fit your >

RE: Where's the best place to do authentication

Message- From: Jon.Ridgway [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 22, 2001 1:56 AM To: [EMAIL PROTECTED] Subject: RE: Where's the best place to do authentication Hi Shogo, Have a look at the 'example' webapp provided with struts, this uses a taglib to check the user is logg

RE: Where's the best place to do authentication

Hi Shogo, Good point... Jon. -Original Message- From: Gregor Rayman [mailto:[EMAIL PROTECTED]] Sent: 22 May 2001 11:59 To: [EMAIL PROTECTED] Subject: Re: Where's the best place to do authentication "Jon.Ridgway" <[EMAIL PROTECTED]> writes: > Hi Shogo, > &g

Re: Where's the best place to do authentication

"Jon.Ridgway" <[EMAIL PROTECTED]> writes: > Hi Shogo, > > Have a look at the 'example' webapp provided with struts, this uses a taglib > to check the user is logged on, I'm sure you could use/amend it to fit your > purpose. > > Jon. I am not very happy with taglibs checking for logged in user. T

RE: Where's the best place to do authentication

EMAIL PROTECTED] Subject: Where's the best place to do authentication Where would be the best place/way to authenticate every user's request? I want to avoid inserting "code to authenticate" in all of my classes which extend Action class. Should I create a class like MyAc

Re: Where's the best place to do authentication

I like using the servlet container to perform authentication. Then you can define your security rules in web.xml file. adminPages /admin/* MyAdmin Tomcat has a JDBC Realm you can use. Setting up the

Where's the best place to do authentication

Where would be the best place/way to authenticate every user's request? I want to avoid inserting "code to authenticate" in all of my classes which extend Action class. Should I create a class like MyAction to put this sort of code, then extends this new class? Any better way? Any suggestion

NT authentication

Hi, I know WebLogic and JRun support integration with an NT Realm. I haven't used tomcat so I can't help you there much. I also tried looking on the Internet but could find anything specific. You might have better luck talking to a MS developer. --Abraham

R:Automathic user authentication

Title: R:Automathic user authentication Hi, getUserPrincipal returns null, but i can't uderstand why... my user is authenticated by NT wks!! The spec says that "..If the getRemoteUser returns null (which means that no user has been authenticated), the isUserInRole method w

Re: Automathic user authentication

, chapter 12 in 2.3). This tells you how to configure your web app to require authentication to access certain resources. LORENA MASSIMO wrote: > hi everibody, > > i'm developing for myintranet a web app based on apache/tomcat/struts. > My users are using NT Wks on a NT D

RE: Windows NT authentication for web site.

Hi! I`m interested also. Wellington Silva UN/FAO -Original Message- From: LORENA MASSIMO [mailto:[EMAIL PROTECTED]] Sent: Monday, May 14, 2001 11:24 AM To: '[EMAIL PROTECTED]' Subject: R:Windows NT authentication for web site. i'm iterested too... i'm using

R:Windows NT authentication for web site.

i'm iterested too... i'm using apache/tomcat/struts Thanks > -- > Da: Abraham Kang[SMTP:[EMAIL PROTECTED]] > Risposta a: [EMAIL PROTECTED] > Inviato: venerdì 11 maggio 2001 23:57 > A:[EMAIL PROTECTED] > Oggetto: RE: Windows NT authentication

Automathic user authentication

hi everibody, i'm developing for myintranet a web app based on apache/tomcat/struts. My users are using NT Wks on a NT Domain. I'm trying to auto-authenticate the users using the NT Logon User. Somebody told me to use the following jsp code String logon_user = Request.ServerVariables("LOGON_USER

RE: Windows NT authentication for web site.

ect: Windows NT authentication for web site. > > > > For my company web site, I want to use NT user name and password for > authentication. to get the user name and password, I want to use > html form. > > Can any one help me on this. How I can implement this, any tips or samples > codes. > > > Thanks > Sundaram. > >

Windows NT authentication for web site.

For my company web site, I want to use NT user name and password for authentication. to get the user name and password, I want to use html form. Can any one help me on this. How I can implement this, any tips or samples codes. Thanks Sundaram.

Re: j_security_check form authentication controlled in WAR context?

let spec defining how a container should talk to the authentication realm. This was considered in the process leading up to the 2.3 (proposed final draft) spec, but we didn't have time to settle on a standardized interface :-(. Thus, you are stuck having to conform to the APIs that each con

j_security_check form authentication controlled in WAR context?

Is there a way to define the authenticating class within the WAR context? I like the way SimpleRealm & JDBCRealm work, automatically protecting every resource matching a regex. However if I need a custom realm, I'd really prefer to have it be deployable in the war (would work across servlet cont

Re: Servlet 2.2 Authentication

On Fri, Mar 02, 2001 at 12:38:30PM +0100, Marcello Teodori wrote: > I would like to use standard a Servlet 2.2 standard authentication scheme > with struts adding a domain where to authenticate the user, has anyone > already done this? thanx > It is independent from struts. With

Re: Servlet 2.2 Authentication

Marcello Teodori wrote: > I would like to use standard a Servlet 2.2 standard authentication scheme > with struts adding a domain where to authenticate the user, has anyone > already done this? thanx > There is no portable mechanism to do this -- the details of how you set up t

Servlet 2.2 Authentication

I would like to use standard a Servlet 2.2 standard authentication scheme with struts adding a domain where to authenticate the user, has anyone already done this? thanx - Original Message - From: "Ana Narvaez Vila" <[EMAIL PROTECTED]> To: "Struts" <[EMAIL PR

form base authentication

Hi, I am trying to do a form base authentication using Weblogic 6.0 and Struts. However, I got the following error. <[WebAppServletContext(82670 96,consumer)] exception raised on '/consumer/login.jsp' javax.servlet.ServletException: runtime failure in custom tag 

RE: Has anyone implemented security and authentication in a Struts app?

Title: RE: Has anyone implemented security and authentication in a Struts app? H. those are some very good points. The situation i am faced with now (and have been on a couple of occasions) is porting to MVC a content management system that is steadily growing in complexity. I have to

RE: Has anyone implemented security and authentication in a Struts app?

Title: RE: Has anyone implemented security and authentication in a Struts app? We are in the process of writing a lightweight framework for role-based authorization because no other options have panned out. I've searched for open-source solutions, but find none. As David Geary said, it&

Re: Has anyone implemented security and authentication in a Struts app?

ovide an API to set them, but use of that API is obviously nonportable. The only way to ensure portability is to implement authentication from scratch, including support for user principals and roles, if you need them. Fortunately, it's not that difficult to do. david > Mihir > >

Re: Has anyone implemented security and authentication in a Struts app?

role based security is part of servlet 2.2 specs. So, if you are using servlet 2.2 container the application will remain portable. Mihir Davina and Mac wrote: > Has anybody out there implemented a roles-based security system in a Struts > application? If so, did you use an existing class librar

Re: Has anyone implemented security and authentication in a Struts app?

ble to write portable applications, and Struts/MVC, > with its single point of access and clearly defined actions would be an > ideal place to implement security... > thoughts anyone? Relying on container provided authentication is, by definition, nonportable. So you are correct: It is impossibl

Has anyone implemented security and authentication in a Struts app?

Has anybody out there implemented a roles-based security system in a Struts application? If so, did you use an existing class library or write your own? It seems to me that relying on container providers for security schemes makes it almost impossible to write portable applications, and Struts/MVC

Re: Authentication question

Ralf Utermann wrote: > Hi all, > > we are just about to start a project using Struts; > maybe I can get some hints on two things: > > - authentication: > In many services here we rely on DCE for authentication. > This is also done for Web-based cgi-apps with >

Authentication question

Hi all, we are just about to start a project using Struts; maybe I can get some hints on two things: - authentication: In many services here we rely on DCE for authentication. This is also done for Web-based cgi-apps with Paul Henson's mod_auth_dce for Apache. Two ques

<    1   2   3   4