Pow2ACL http://pow2acl.sourceforge.net/index.html might fit your JAAS high-end needs. It also integrates with Struts.
Regards, David -----Original Message----- From: Adam Lipscombe [mailto:[EMAIL PROTECTED] Sent: Thursday, June 17, 2004 9:02 AM To: 'Struts Users Mailing List' Subject: Specifying JAAS permission on a per-action basis Folks, I am using JAAS with the Tagish libraries to authenticate users via a JDBC lookup. This works. What I need to do now is to specify permissions on an action-by-action basis, but I am unclear about how this is achieved... Dan Moore's excellent tutorial at http://www.mooreds.com/jaas.html shows an example of setting permissions via a policy configuration file ("Example 8. Sample JAAS policy file"). I have also read that its possible to specify permission via a "roles" attribute on the action mapping definition in the struts-config.xml file. Does anyone know if these approaches to permission setting are complimentary or mutually exclusive? Does anyone know which is the best? I would prefer to set the perms in struts-config if possible, if only to keep all the config in the same file. An example of setting perms this way would be great. TIA - Adam --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]