You might want to do something similar to this on failure inaddition to code below:
response.sendError( HttpServletResponse.SC_FORBIDDEN, getInternal().getMessage( "notAuthorized", mapping.getPath())); Paul ------------------------------------------------------------ Global Equity Derivatives Technology Deutsche Bank [/] ------------------------------------------------------------ Nadeem Bitar <[EMAIL PROTECTED] To: Struts Users Mailing List <[EMAIL PROTECTED]> m> cc: Subject: Re: Role based access? 18/02/2004 20:11 Please respond to "Struts Users Mailing List" processRoles method is in RequestProcessor. You would do something like this: boolean processRoles(HttpServletRequest request, HttpServletResponse response, ActionMapping mapping) throws Exception{ if(roles == null || roles.length == 0) return true for(int i=0; i<roles.length; i++){ //using your custom security scheme usually something like that if(request.isUserInRole(roles[i])) return true; } return false; } On Thu, 2004-02-19 at 01:26 +0530, [EMAIL PROTECTED] wrote: > Hi, > Thanks for the info Nadeem.but processRoles method is in which Class. > could you give me some samples. > Thanks in advance > > > Subramaniam Olaganthan > Tata Consultancy Services > Mailto: [EMAIL PROTECTED] > Website: http://www.tcs.com > > > Nadeem Bitar <[EMAIL PROTECTED]> > > 02/19/2004 12:59 AM > Please respond to > "Struts Users Mailing List" > <[EMAIL PROTECTED]> > > > To > Struts Users > Mailing List > <struts- > [EMAIL PROTECTED] > apache.org> > cc > Subject > Re: Role based > access? > > > > You have to use JAAS. If you are not using JAAS and still want to use > the roles attribute in your action mapping you have to override the > processRoles method . > > > On Wed, 2004-02-18 at 20:49 +0530, [EMAIL PROTECTED] wrote: > > Hi Guys, > > > > Struts-config.xml > > <action attribute="Form" roles="userRole"> > > > > How do i use this 'roles' attribute to implement role-based access. > > > > Thanks and Regards > > > > Subramaniam Olaganthan > > Tata Consultancy Services > > Mailto: [EMAIL PROTECTED] > > Website: http://www.tcs.com > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > ForwardSourceID:NT00003A5E > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]