Re: JAAS struts 2 Tutorial?

Wed, 12 Sep 2007 06:07:19 -0700 

Hello Mark,

Thanks for your response.
Actually I am writing a Web Application from Scratch, using Struts 2 and Hibernate. I need to implement security so that only authorised User can access the desired pages. The user names, passwords and their roles are stored in the database.
I am looking for a tutorial that can guide me through implementation of JAAS based security for my web application. I am starting from scratch here. 

Regards,
Muhammad Momin Rashid.

Mark McLaren wrote:

Hi Muhammad,

With respect to JAAS integration.  Do you mean something like this?

<http://struts.apache.org/2.x/docs/how-do-i-obtain-security-details-jaas.html>

I'm new to Struts 2 but I would imagine you probably want an
interceptor of some kind (RolesInterceptor, PrincipalAware etc.) to
pass your authentication and authorization details into your Struts
Actions.

As regards Hibernate integration, I would imagine your best option
would be to inject your Hibernate Data Access Object (DAO) into your
Struts 2 application using Spring (or something like it, e.g. Guice).
If you write your application following the usual IoC best practices
you will end up with an application where it should be easy to replace
Hibernate with something else (e.g. TopLink, iBATIS, JDBC[Template]).
You should then be able to test this code away from the web and reuse
it elsewhere.

<http://static.springframework.org/spring/docs/2.0.x/reference/orm.html#orm-hibernate>
<http://struts.apache.org/2.0.9/docs/spring-plugin.html>

Alternatively here is an example of writing a Hibernate Aware Struts 2 Action.
<http://www.hibernate.org/51.html>

HTH

Mark

On 9/12/07, Muhammad Momin Rashid <[EMAIL PROTECTED]> wrote:

Hello Everyone,

I am looking for a tutorial for integrating JAAS into my Struts 2 +
Hibernate Application.  Can anyone point me to the right resources?

Is JAAS the best way to go, or there are better alternates?  If anyone
thinks there are better alternates, can you provide me with the links to
relevant tutorials?

Regards,
Muhammad Momin Rashid.






---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to