Hi , I am newbie to Struts2. I have the following issue while configuring the container managed security in Struts2 with Websphere Application Server 6.1. ..Need urgent assistance Please...
Issue: -------- I want to secure my web application using Container managed security by using Websphere Application Server6.1. Secured all the URLs by placing a security constraint and map the relevant users/groups in my web.xml.But the security credentials are not propagated to the LoginAction class.when i print the request.getRemoteUser() it gives null.Where as the same works 100% fine in TOMCAT server. Entries in web.xml ------------------ <filter> <filter-name>struts</filter-name> <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> </filter> <filter-mapping> <filter-name>struts</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <security-constraint> <display-name> secconst12</display-name> <web-resource-collection> <web-resource-name>secweb1234</web-resource-name> <url-pattern>*.action</url-pattern> <url-pattern>/*</url-pattern> <url-pattern>*</url-pattern> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>HEAD</http-method> <http-method>TRACE</http-method> <http-method>POST</http-method> <http-method>DELETE</http-method> <http-method>OPTIONS</http-method> </web-resource-collection> <auth-constraint> <description> secAuthConst12</description> <role-name>secrole12</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>DirRealm</realm-name> </login-config> <security-role> <role-name>secrole12</role-name> </security-role> Entries in struts.xml --------------------- <struts> <!-- Include webwork default (from the Struts JAR). --> <include file="struts-default.xml"/> <package name="default" extends="struts-default"> <action name="login" class="com.xxx.xxx.action.LoginAction" > <result name="load" >success.jsp</result> </action> </package> </struts> LoginAction.java ---------------- public class LoginAction { ........... ........... ........... public String execute() { HttpServletRequest request = ServletActionContext.getRequest(); System.out.println("req.getRemoteUser() : " + request.getRemoteUser()); // Prints null System.out.println("username : " + request.getParameter("userName")); return "load"; } } Below are the approaches what i've tried so far: ----------------------------------------------- Approach 1: Converted the Same application to Struts1.2 and deployed it in Websphere Application Server 6.1 Output: It works fine.Can able to get the remoteUser using request.getRemoteUser() Approach 2: Deployed the same struts2 application in ApacheTomcat 6.0.14 Output: It works fine.Can able to get the remoteUser using request.getRemoteUser() Approach 3: Deployed the same struts2 application in Websphere Application Server 6.1 Output: Not able to get the remoteUser in LoginAction.It prints null. Am i missing anything fundamentally.Please let us know what would be required to be done to make it work. -- View this message in context: http://www.nabble.com/Security-credentials-are-not-propogated-to-Actionclass-in-Struts2-tf4298249.html#a12234106 Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]