Has anybody used JAAS and struts together?
Why not use native java security?
George Daswani
On Tue, 22 May 2001, Gogineni, Pratima wrote:
> Gregor the example application has the tag to check for logged in user in
> the jsp page.
>
> But in addition to this - they also check if the user is logged in in each
> action class.
>
> Another thing is the tag is not really authenticating the user but just
> checkign if the user has been authenticated, so that the user cant even see
> the jsp rather than find out upon performing some action in the page that he
> is not authenticated.
>
> pratima
>
> -----Original Message-----
> From: Gregor Rayman [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 22, 2001 3:59 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Where's the best place to do authentication
>
>
> "Jon.Ridgway" <[EMAIL PROTECTED]> writes:
>
> > Hi Shogo,
> >
> > Have a look at the 'example' webapp provided with struts, this uses a
> taglib
> > to check the user is logged on, I'm sure you could use/amend it to fit
> your
> > purpose.
> >
> > Jon.
>
> I am not very happy with taglibs checking for logged in user. Taglibs can be
> used
> only in JSP and JSP should implement the View part of the MVC pattern.
> Authenticating users is bussiness logic and so it shoud be done somewhere in
> the actions.
>
> --
> gR
>
