It may be easier for you to extend RequestProcessor and override processRoles(...) and perform your own authorization there. I started down that road, but didn't like the effect of return false from processRoles, so we always return true and do the real role checking in our base action class (mapping.getRoleNames() gives us the value of the roles attribute) so that we can return mapping.getInputForward() when the role check fails...
-- Voytek Jarnot Quidquid latine dictum sit, altum viditur. > > -----Original Message----- > > From: Sloan Seaman [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, February 25, 2003 2:29 PM > > To: Struts Users Mailing List > > Subject: Passing parameters to Actions > > > > > > In the struts-config.xml file I want to pass a few parameters > > to my actions > > but it looks like the DTD only supports one "parameter" tag. > > > > I.E.: > > <action path="/app/main" > > type="com.symbol.mobilecommerce.analysis.actions.app.Main" > > name="app.main" > > parameter="admin" > > > > > <forward name="PAGE_SRC" path="/app/main.jsp"/> > > <forward name="PAGE_ACCESS_DENIED" path="/index.jsp"/> > > </action> > > > > When I would rather do something like: > > <action path="/app/main" > > type="com.symbol.mobilecommerce.analysis.actions.app.Main" > > name="app.main" > > > > > <forward name="PAGE_SRC" path="/app/main.jsp"/> > > <forward name="PAGE_ACCESS_DENIED" path="/index.jsp"/> > > <parameter name="ROLES_ALLOWED" value="admin"/> > > </action> > > > > Now, I know there is a roles attribute but we are doing out > > own security > > model and are not using request.isUserInRole(). > > > > (BTW: is there any way to write to whatever > > request.isUserInRole() used to > > do its lookup so we can use it?) > > > > Is there any way to have parameters passed like how I would like? > > > > I could spoof <forward> to something like <forward > > name="ROLES_ALLOWED" > > path="admin"/> but I would rather not. > > > > Thanks! > > > > -- > > Sloan > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
