Re: How to implements Role Based Access Control in Struts ?

Bill Siggelkow Thu, 24 Jun 2004 06:10:52 -0700

If container-managed security is to limiting for you but you still want to use the <logic:present role="..."> tag then you might want to look into SecurityFilter (http://securityfilter.sourceforge.net). There are a lot of pros and cons when choosing a security mechanism. SecurityFilter allows many conveniences offered by container-managed security (like being able to use "request.isUserInRole(...)" etc. yet still allow a custom solution.

<shameless-plug> I provided the initial draft for the Struts Security chapter of Struts: The Complete Reference (Osborne) by James Holmes. I cover a lot of these details in this chapter. </shameless-plug>

Let me know if you have more specific questions: I will be glad to help :)

Bill Siggelkow

javen fang wrote:

Hi , all:
I have queried this mailing list, and I get some
discusses about RBAC ( Role Based Access Control ) in
struts. I understand that <logic:present role="...">
in JSP page and "role" attribute in ActionMapping are
all prepared with Container Management Access Control,
etc, JDBCRealm.
But it seems that what I need is not Container Management Access Control,because CMAC is configured in config file(etc, server.xml,web.xml) , but I want to let customer config user roles in dynamic way,and the user roles infomation is read from database.
So,how can I implements RBAC with struts. can you give
me some advice?
thanks, javen
            
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: How to implements Role Based Access Control in Struts ?

Reply via email to