a brief explanation for basic spring-security (only authentication)
configuration with struts:
Spring security is running as a filter in your web-app
(you need to make sure that it comes first before Struts).
For the filter-configuration take a look at (2.2.1):
Hello,
I have just started to venture into Struts2 and I'm having a hard time
finding learning materials for Authentication and authorization concepts.
Could you please point out some resources ?
Thank you,
Aravind
started to venture into Struts2 and I'm having a hard time
finding learning materials for Authentication and authorization concepts.
Could you please point out some resources ?
Thank you,
Aravind
Thank you ! And Apache Shiro is it worth trying for authentication and
authorization ?
On Tue, Apr 17, 2012 at 6:37 PM, vEnkaTa mohAna rAo SriperumbUdUru
mohanara...@gmail.com wrote:
http://www.javaranch.com/journal/2008/04/authentication-using-JAAS.html
http://stackoverflow.com/questions
Struts itself doesn't provide an Authentication Authorization subsystem,
but it will work well with Spring Security, Apache Shiro, or roll-your-own
solutions.
(*Chris*)
On Tue, Apr 17, 2012 at 5:28 AM, Aravind Kumar aravind...@gmail.com wrote:
Hello,
I have just started to venture
thank you :)
On Tue, Apr 17, 2012 at 9:21 PM, Chris Pratt thechrispr...@gmail.comwrote:
Struts itself doesn't provide an Authentication Authorization subsystem,
but it will work well with Spring Security, Apache Shiro, or roll-your-own
solutions.
(*Chris*)
On Tue, Apr 17, 2012 at 5:28
Hey,
i would definitely _discourage_ you from using JAAS.
IMHO go with Spring Security:
http://static.springsource.org/spring-security/site/
It is pretty easy to integrate in Struts and
provides everything you need for both authentication and authorization
.
IMHO go with Spring Security:
http://static.springsource.**org/spring-security/site/http://static.springsource.org/spring-security/site/
It is pretty easy to integrate in Struts and
provides everything you need for both authentication and authorization
2007 18:22
À : Struts Users Mailing List
Objet : Re: Authentication and Authorization in S2
What do you mean with 100% Struts 2 security? As far I know, S2 does
not have anything out-of-the-box regarding security.
In my case, I had to manually develop a login action and an
authentication
Acegi
Security to handle authentication/authorization. I can't think of
anything it can't do.
http://www.acegisecurity.org/
There's also Berkano which doesn't do nearly as much as Acegi but can
handle most general AA problems:
http://berkano.codehaus.org/
Zarar
On 8/20/07, Roberto
(i.e. which roles can see which
rows in the database).
-Message d'origine-
De : wild_oscar [mailto:[EMAIL PROTECTED]
Envoyé : jeudi 23 août 2007 16:15
À : user@struts.apache.org
Objet : Re: Authentication and Authorization in S2
How about AA with Struts2 only?
I'm trying to understand
can see which
rows in the database).
-Message d'origine-
De: wild_oscar [mailto:[EMAIL PROTECTED]
Envoyé: jeudi 23 août 2007 16:15
À: user@struts.apache.org
Objet: Re: Authentication and Authorization in S2
How about AA with Struts2 only?
I'm trying to understand Authorization
can always develop a custom
interceptor.
Alvaro.
On 8/20/07, Zarar Siddiqi [EMAIL PROTECTED] wrote:
If you're using Spring, it's probably a great idea to use Acegi
Security to handle authentication/authorization. I can't think of
anything it can't do.
http://www.acegisecurity.org/
There's also
Hi all.
I need to implement Authentication and Authorization in
a S2 web application, and before reinventing the wheel, I'd
like to ask the list for hints and advice.
1) Is there built-in support in Struts2 for Authentication and
Authorization?
2) What are the best practices for AA in S2?
3
If you're using Spring, it's probably a great idea to use Acegi
Security to handle authentication/authorization. I can't think of
anything it can't do.
http://www.acegisecurity.org/
There's also Berkano which doesn't do nearly as much as Acegi but can
handle most general AA problems:
http
I agree. You should first try Acegi.
If your auth needs are very specific, you can always develop a custom
interceptor.
Alvaro.
On 8/20/07, Zarar Siddiqi [EMAIL PROTECTED] wrote:
If you're using Spring, it's probably a great idea to use Acegi
Security to handle authentication/authorization
Craig McClanahan wrote the following on 7/16/2005 1:03 AM:
For maximum positive benefit to the world, please cc your responses
both here
Asked someone on our team (not on the Struts list) who handles the
authentication stuff for our applications and he came up with:
Craig McClanahan wrote:
http://weblogs.java.net/blog/gmurray71/archive/2005/07/got_servlets.html
My particular question (well, questions :-) for the Struts community:
* What technology do you currently use for authentication and authorization
in your web applications?
I used JDBC relms
/got_servlets.html
My particular question (well, questions :-) for the Struts community:
* What technology do you currently use for authentication and authorization
in your web applications?
* If you use the container managed security faciities of your container,
does it completely meet your
Vic ,
In my project authentication and authorization are performed by
certificates. Help me, please, to find right way to define WHos is
logged on and What they are doing by JMX .
regards,
Sergey .
Craig McClanahan wrote:
http://weblogs.java.net/blog/gmurray71/archive/2005/07
16, 2005 1:01 PM
Subject: Re: [FRIDAY] What technology do you use for authentication and
authorization?
Hi Craig,
I am currently using container-managed security in all my day work. We
have built a fairly robust framework to sit on top of it to fill in some
of the gaps (things like enforcing
Sergey Livanov wrote:
In my project authentication and authorization are performed by
certificates. Help me, please, to find right way to define WHos is
logged on and What they are doing by JMX .
1. get a jmx tools servlet to work... it should display all jmx
refistered objects
Craig McClanahan wrote:
* What technology do you currently use for authentication and authorization
in your web applications?
Acegi Security with a custom authentication DAO that accesses a JCR
repository and various custom voters for authorization.
* If you don't use container managed
:
http://weblogs.java.net/blog/gmurray71/archive/2005/07/got_servlets.html
My particular question (well, questions :-) for the Struts community:
* What technology do you currently use for authentication and authorization
in your web applications?
* If you use the container managed security
for authentication and authorization
in your web applications?
* If you use the container managed security faciities of your container,
does it completely meet your needs? If not, what else would you like to
see?
* If you don't use container managed security (i.e. the facilities
defined
for authentication and authorization
in your web applications?
* If you use the container managed security faciities of your container,
does it completely meet your needs? If not, what else would you like to see?
* If you don't use container managed security (i.e. the facilities
defined in the
servlet
/blog/gmurray71/archive/2005/07/got_servlets.html
My particular question (well, questions :-) for the Struts community:
* What technology do you currently use for authentication and authorization
in your web applications?
* If you use the container managed security faciities of your container
Hi Every One,
Does Struts have any type of authentication/ authorization mecanism?
Best regards,
Davi Salgueiro
Hi Every One,
Does Struts have any type of authentication/ authorization mecanism?
Best regards,
Davi Salgueiro
One,
Does Struts have any type of authentication/ authorization mecanism?
Best regards,
Davi Salgueiro
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
El vie, 05-11-2004 a las 13:37 -0600, Vic (Vinny) Cekvenich escribió:
Struts requires Servlet support container.
Therefore containers (such as tomcat, resin, etc). support declerative
security via web.xml.
You can read for example about tomcat jdbc realms.
So struts leverages J2EE security
Once you have your users and roles defined, you can read use the
roles attribute for action mappings to restrict access to those
actions to a set of roles.
Hubert
On Fri, 05 Nov 2004 16:46:51 -0300, Mauro Morales M.
[EMAIL PROTECTED] wrote:
El vie, 05-11-2004 a las 13:37 -0600, Vic (Vinny)
. They're extremely handy for
the problems that they do solve.
Good Luck,
Eddie
- Original Message -
From: Davi Salgueiro [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, November 05, 2004 1:30 PM
Subject: Authentication and Authorization
Hi Every One,
Does Struts have any type
There used to be (haven't checked on it
for a while) a project called Security Filter
that was a security database implementation you
could package with your application. I believe
it was a SourceForge project.
SecurityFilter hasn't been updated since January:
34 matches
Mail list logo