Hi, Vincent PROSPER wrote:
Hi,The method 'isUserInRole(role)' is on the request object. The session tracks if the user is authenticated. but it is transparent from the 'isUserInRole(role)' point of view.The role checking work in nested tiles.
Ok, my question may be obvious for some of yours, but I guess I am not the
only newbie having this kind of trouble (I hope ;-)
All I wanna do is to customize jsp pages (made of struts tiles) depending on
user's role.
Here is my trouble:
I've got a tile (among others with same concerns wrt roles) that displays a
'logout' link, and that is used on each jsp page of my portal.
The trouble is !THIS IS A PORTAL!
...that is to say some jsp are access protected, some others are not...
For the formers, all is OK, but concerning the latters, I loose the user's
role since Tomcat doesn't transmit it to the session for such kind of pages.
What doesn't work, is the automatic password popup if the check is done in a nested tiles, and user is not authenticated. A solution could be to put a role checking in the root tiles (generally the master template).
Another solution is to have a logon page performing the authentication. Nested Tiles will be shown only if the user is authenticated.
My questions are the following:
1. Is there any trick (config files?) to tell Tomcat to keep roles
avalaible, even when accessing public pages?
2. If not, can I force the "role" attribute either in tiles:put or in
logic:present in order to get the right JAAS role that is stored in the
container?
3. If not, I'd better try to gather all my jsp in the security url-pattern
and try to set a default user on public pages... If somebody knows how to do
this (positionning a default user without an authentication popup), please
tell me!
4. Is there another solution?
Thanks in advance for your answers.
Vince
--
To unsubscribe, e-mail: <mailto:struts-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:struts-user-help@;jakarta.apache.org>
-- To unsubscribe, e-mail: <mailto:struts-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:struts-user-help@;jakarta.apache.org>
