Oracle provides Single Sign On with OID - no extra work required.
-----Original Message----- From: David Friedman [mailto:[EMAIL PROTECTED] Sent: Saturday, March 13, 2004 8:49 AM To: Struts Users Mailing List Subject: RE: security framework!!! I've also been looking into security frameworks and the only solutions I've really found are: 1. Standard (container) JAAS 2. SecurityFilter http://securityfilter.sourceforge.net 3. Pow2ACL http://pow2acl.sourceforge.net/ I was hoping, at some point, to use an SSL switching feature such as SSLext. >From my research, Pow2ACL and SecurityFilter won't work that way. SecurityFilter has a note that certain 'elements' could be used for it but the current code makes no use of them in that manner. As for Pow2ACL, I didn't find anything suggesting how to use it in that way either. My bigger problem is my scenario, which no one supports. I'd like to allow manager accounts to become one of if it's sub-accounts. My system would support at least 5 levels where 4 could 'drill down' and back up again: admin, reseller, client, manager, employee (bottom feeder, no managerial tools and no popping into their accounts). Since there is no easily way to push/pop or even set (then I could use my own internal stack) a UserPrincipal object, I'm thinking of using something a bit like SecurityFilter: wrap the request object with a subclass of HttpServeletRequestWrapper and add my own push/pop/set/get/count UserPrincipal object(s). Then, I could hook the login procedure with container methods (JAAS, i.e. a web browser login/password pop-up) and still be able to (when I'm ready) use SSLext or something like it for the HTTP/HTTPS switching. Regards, David -----Original Message----- From: Mailing List [mailto:[EMAIL PROTECTED] Sent: Saturday, March 13, 2004 6:19 AM To: [EMAIL PROTECTED] Subject: security framework!!! I'm developing a web application with struts.I had a problem for support security at jsp pages level for different roles.I send an email and recived 2 response to solve my problem: 1. with HTML tags. 2. 2.with define role in tiles definition but I'm searching for a good framework that be compatibled with struts framework and support the security for different roles at page levels. I mean for example if I have a jsp page with tow textfields and a submit deponds on user's role at the system,one user just can see one of the textfield and submit buttom and another user can see both of the textfield and submit buttom. Can you suggest a good framework for me. regards --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
