for container managed roles struts actions act just like all http request
that the container can intercept.
in the web.xml
<security-constraint>
<display-name>Secure Something</display-name>
<web-resource-collection>
<web-resource-name>Admin Resources</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
<user-data-constraint>
<description>Secure all data</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
What this does is lock down all requests to the /admin/ directory to users
of Admin role.
You can do the same with actions by putting in the url pattern using
wildcards or the action itself.
for example;
<url-pattern>/admin/addUser.do</url-pattern>
----- Original Message -----
From: "Elena Neroslavskaya" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, December 03, 2002 11:05 AM
Subject: Security roles with Struts
> Hello all,
> I have succeeded to configure DB security realm for JBoss container it
works
> for simple JSP solution,
>
> Bu I have problems to make it work with Struts !
>
> Could anybody please be so kind and post here an example
> how to configure Struts to use Container Managed Roles.
>
> And post here your web.xml ans struts-config.xml ?
>
> Thank you very much
>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
