Re: [S2] populating user roles

Wed, 02 May 2007 02:00:08 -0700 

Am I missing something?   I have a working version of an AuthInterceptor, but
still no examples on how to control isUserInRole().

On manning.com I found a lightbody_src.zip from WW in action, but it doesn't
handle roles.
Could anybody tell me the location of Mark Mernards blog?

/Flemming


Quoting Laurie Harper <[EMAIL PROTECTED]>:
Those are good pointers. The key is that it all depends on how you are handling authentication and authorization, since there are so many possible approaches.
For example, if you use container managed security, setting up the roles is a matter of configuring your container appropriately. If you're using a non-'standards based' authentication mechanism (filters, S2 interceptors, or other custom functionality), you'll need to manage roles yourself. Zoran's pointers should get you on your way in that case. 

L.

Zoran Avtarovski wrote:

To achieve this we wrote a custom AuthInterceptor which we added to the
default stack, which adds some core authorisation functionality - add user
object (with roles) to the session, add a custom user menu (based on roles)
to the session and checks authorisation for the action.

It's pretty straight forward with Interceptors. Mark Mernard has an example
on his blog which is a good starting point and WW in Action also has a good
example, just download the source code from the manning site and look for
the sample AuthInterceptor code.

Z.
I would like to populate the user roles from a database during login, but have 
not found any examples how to do so in Struts2.

I have found an example how to use RolesInterceptor to secure access to
specific
actions, but no hints on how to populate the roles.

/Flemming


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to