Discussions

Web tier: servlets, JSP, Web frameworks: Struts 1.1 and JAAS ????

  1. Struts 1.1 and JAAS ???? (1 messages)

    The apache web site says:

    "While Struts can work with any approach to user authentication and authoriaztion. Struts 1.1 will offer direct support for the standard Java Authentication and Authorization Service (JAAS). In Struts 1.1 (and the current nightly build, you can specify security roles on an action-by-action basis."

    I cannot find any documentation on what they are talking about. The only way I know of using JAAS with Struts is by overriding the ActionServlet class. The material for that can be found at the
    http://www.mooreds.com
    website.

    However, this approach is for Struts 1.02 I beleive.

    So my question is where is this magical new support for JAAS in Struts 1.1? Please somebody show me the documentation that I am overlooking. I am very interested in this.
  2. Re: Struts 1.1 and JAAS ????[ Go to top ]

    Hi, I nosed around the source a bit and while there's support for seeing if a principal is present: http://struts.apache.org/1.1/userGuide/struts-logic.html#present there's no support for actually associating the principal with a user. In addition, the FAQ points to two mailing lists posts, neither of which mentions JAAS. http://struts.apache.org/1.1/faqs/newbie.html#authenticate Looks like you're on your own. Good luck, Dan