Thanks! Very helpfull, but still some questions: How can you programmaticly make use of struts-config.xml? Now the loginpage is hardcoded:
String loginPage = request.getContextPath()+"/logon.do"; Can't you make it more generic so that it uses the config-file to look it up? Secondly: How can you display userinformation in a jsp-page when you have your own authentication-system? I probably have to write my own taglibs right? Ilja On Mon, 6 Oct 2003 18:10:56 +0530, "Deepak" <[EMAIL PROTECTED]> said: > Try this : > http://www.theserverside.com/resources/article.jsp?l=JAAS > > ----- Original Message ----- > From: "Ilja" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, October 06, 2003 6:00 PM > Subject: Struts and user-authentication > > > > Is there any good example on how to incorporate strict > > user-authentication with Struts? > > > > Currently I'm working on a way to implement user-authentication with > > OSUser (www.opensymphony.com/osuser) and hibernate (www.hibernate.org) > > > > What's the best way to implement user-security? Where should the > > authentication method be put in? In every action? Is it possible to > > create one generic class that authorizes a user and sends it to the > > appropiate page (either the page he requested, an error or a login-page) > > without coding it on every single action page? > > > > Thanks, > > > > Ilja > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]