I just got J2EE container managed security working and now I'd like to add roles to my struts action. I downloaded the Struts 1.1b2 and have it installed. When I add a role to my action:
<!-- Process a user logon --> <action path="/login" type="com.idtect.oemserver.web.LoginAction" name="loginForm" scope="request" input="/login.jsp" roles="idtect_readonly"> I get the following error: HTTP Status 400 - User is not authorized to access action /login I was expecting it to display a login box. So then I protected a JSP using the web.xml file and accessed the JSP (getting the login box and logging in). I retried my action and got the same error. This puzzled me because I was already logged in. I know this is a new feature, but if anyone has any examples or a link to some documentation on this I'd greatly appreciate. The thought of specifying security for each action in my web.xml really bothers me. I think this roles attribute is a great addition to Struts. Michael -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>