So where does JAAS (Java Authentication and Authorization Service) come
into picture in the J2EE world ? The other day I was reading a whitepaper
that said STRUTS provides integration with JAAS. What would that mean ?
Thanks
Sreekant G.
TCS AMBATTUR
"Viral_Thakkar"
<[EMAIL PROTECTED] To: "Struts Users Mailing List"
fosys.com> <[EMAIL PROTECTED]>, <[EMAIL
PROTECTED]>,
<[EMAIL PROTECTED]>
08/04/2003 06:51 cc:
PM Subject: RE: Best place to hook the
Security Call
Please respond to
"Struts Users
Mailing List"
What I understood from the "Security Filter" component is that we need
to extend the SimpleSecurityRealmBase class and need to override the
methods specified in that class.
But still I m not clear on the complete configuration ...i mean the
exact steps to follow to use this filter component for A & A reqt.
If anyone already implemented this filter then please guide me on the
approach.... example code will be more useful...
Thanks.
-----Original Message-----
From: Alen Ribic [mailto:[EMAIL PROTECTED]
Sent: Monday, August 04, 2003 6:34 PM
To: Struts Users Mailing List
Subject: Re: Best place to hook the Security Call
Security is really my week side but AFAIK your Container Manager
Security
does have certain container specific configurations and even requirement
for
additional java classes to be coded.
As I said "Security Filter" component has a small, simple realm
interface
that is portable across different servers.
--Alen
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Monday, August 04, 2003 2:34 PM
Subject: Re: Best place to hook the Security Call
>
> I agree with Alen, but at the same time if all the containers are
> supporting J2EE security standards then porting to different
containers
> should not be an issue. SecurityFilter as I just browsed through seems
> interesting but all the latest J2EE containers will have to support
Servlet
> 2.3 for using the same. Alternatively whatif I write my own security
piece
> by looking up LDAP for A&A (authentication and authorization) and this
> piece would be called from some place in the STRUTS control flow so
that
> for everyrequest security would be validated.
>
> Thanks
> Sreekant G.
> TCS AMBATTUR
>
>
>
> "Alen Ribic"
> <[EMAIL PROTECTED] To: "Struts Users
Mailing List"
> >
<[EMAIL PROTECTED]>
> cc:
> 08/04/2003 04:25 Subject: Re: Best
place to
hook the Security Call
> PM
> Please respond to
> "Struts Users
> Mailing List"
>
>
>
>
>
>
> If I'm not mistaken, this approach is container specific hence would
make
> deployment on difference container(s) not as smooth as one would wish.
> I may be wrong so please correct me! I'm not very clued up in this
area.
;)
>
> I have privilege working with servlet 2.3 and am now using
SecurityFilter
> component (www.securityfilter.org) to handle my auth. Very simple!
>
> --Alen
>
>
> >Best place would be using container J2EE security, such as JDBC
realms.
>
> >[EMAIL PROTECTED] wrote:
> > Which is the best place to hook the security call for an application
in
> the
> > STRUTS framework so that for every request security check is made.
Does
> > STRUTS provide integration with any Security framework ?
> >
> > thanks in advance.
> > Sreekant G.
> >
> >
> >
> >
> >
------------------------------------------------------------------------
> >
> > This mail was scanned by Interscan Virus Wall of Mailserver at
Cathedral
> Road TCS Chennai
> >
> >
> >
> >
------------------------------------------------------------------------
> >
> >
---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
>
> --
> Vic Cekvenich,
> Struts Instructor,
> 1-800-917-JAVA
>
> Advanced <a href ="baseBeans.com">Struts Training</a>, mentoring and
> project recovery in North East.
> Open Source <a href ="baseBeans.com">Portal Content Management</a>
> basicPortal software.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
>
>
>
------------------------------------------------------------------------
----
----
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
(See attached file: InterScan_SafeStamp.txt)
****** Message from InterScan E-Mail VirusWall NT ******
** No virus found in attached file InterScan_SafeStamp.txt
This Message was scanned by Interscan Virus Wall of mailserver at Cathedral Raod ,TCS
Chennai
***************** End of message ***************
This mail was scanned by Interscan Virus Wall of Mailserver at Cathedral Road TCS
Chennai
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
