You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by alee amin <ma...@gmail.com> on 2009/02/04 11:56:24 UTC
[S2] How to apply form based security in struts 2 application
I browsed through struts official site to check for any plugin available or
security mechanism to authenticate the user. but i could not find one. can
anyone guide me what are teh ways to implement the security constraints
(user security) on application.
..alee
http://techboard.wordpress.com
Re: [S2] How to apply form based security in struts 2 application
Posted by alee amin <ma...@gmail.com>.
thanks
..alee
http://techboard.wordpress.com
On Thu, Feb 5, 2009 at 6:25 AM, dusty <du...@yahoo.com> wrote:
>
> +1 Spring Security. Everything else is for wimps.
>
>
>
> Wes Wannemacher wrote:
> >
> > On Wednesday 04 February 2009 05:56:24 alee amin wrote:
> >> I browsed through struts official site to check for any plugin available
> >> or
> >> security mechanism to authenticate the user. but i could not find one.
> >> can
> >> anyone guide me what are teh ways to implement the security constraints
> >> (user security) on application.
> >>
> >> ..alee
> >> http://techboard.wordpress.com
> >
> > There are really 3 main choices,
> >
> > 1. Container managed security... If you are using Tomcat, check the docs
> > here-
> > http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
> > Advantage - Part of Spec
> > Disadvantage - Doesn't always port to other app servers
> >
> > 2. Roll your own s2 interceptor... Check Mark Menard's tutorial -
> >
> http://www.vitarara.org/cms/struts_2_cookbook/creating_a_login_interceptor
> > Advantage - very Struts-y
> > Disadvantage - Not necessarily full-featured
> >
> > 3. Use Spring Security.
> > http://static.springframework.org/spring-security/site/index.html
> > Advantage - Super-Flexible, ports well to any app server
> > Disadvantage - steep learning curve, but after a bit of time, it all
> falls
> > into place.
> >
> > -Wes
> >
> > --
> >
> > Wes Wannemacher
> > Author - Struts 2 In Practice
> > Includes coverage of Struts 2.1, Spring, JPA, JQuery, Sitemesh and more
> > http://www.manning.com/wannemacher
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/-S2--How-to-apply-form-based-security-in-struts-2-application-tp21828303p21843440.html
> Sent from the Struts - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Re: [S2] How to apply form based security in struts 2 application
Posted by dusty <du...@yahoo.com>.
+1 Spring Security. Everything else is for wimps.
Wes Wannemacher wrote:
>
> On Wednesday 04 February 2009 05:56:24 alee amin wrote:
>> I browsed through struts official site to check for any plugin available
>> or
>> security mechanism to authenticate the user. but i could not find one.
>> can
>> anyone guide me what are teh ways to implement the security constraints
>> (user security) on application.
>>
>> ..alee
>> http://techboard.wordpress.com
>
> There are really 3 main choices,
>
> 1. Container managed security... If you are using Tomcat, check the docs
> here-
> http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
> Advantage - Part of Spec
> Disadvantage - Doesn't always port to other app servers
>
> 2. Roll your own s2 interceptor... Check Mark Menard's tutorial -
> http://www.vitarara.org/cms/struts_2_cookbook/creating_a_login_interceptor
> Advantage - very Struts-y
> Disadvantage - Not necessarily full-featured
>
> 3. Use Spring Security.
> http://static.springframework.org/spring-security/site/index.html
> Advantage - Super-Flexible, ports well to any app server
> Disadvantage - steep learning curve, but after a bit of time, it all falls
> into place.
>
> -Wes
>
> --
>
> Wes Wannemacher
> Author - Struts 2 In Practice
> Includes coverage of Struts 2.1, Spring, JPA, JQuery, Sitemesh and more
> http://www.manning.com/wannemacher
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/-S2--How-to-apply-form-based-security-in-struts-2-application-tp21828303p21843440.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: [S2] How to apply form based security in struts 2 application
Posted by Wes Wannemacher <we...@wantii.com>.
On Wednesday 04 February 2009 05:56:24 alee amin wrote:
> I browsed through struts official site to check for any plugin available or
> security mechanism to authenticate the user. but i could not find one. can
> anyone guide me what are teh ways to implement the security constraints
> (user security) on application.
>
> ..alee
> http://techboard.wordpress.com
There are really 3 main choices,
1. Container managed security... If you are using Tomcat, check the docs here-
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
Advantage - Part of Spec
Disadvantage - Doesn't always port to other app servers
2. Roll your own s2 interceptor... Check Mark Menard's tutorial -
http://www.vitarara.org/cms/struts_2_cookbook/creating_a_login_interceptor
Advantage - very Struts-y
Disadvantage - Not necessarily full-featured
3. Use Spring Security.
http://static.springframework.org/spring-security/site/index.html
Advantage - Super-Flexible, ports well to any app server
Disadvantage - steep learning curve, but after a bit of time, it all falls
into place.
-Wes
--
Wes Wannemacher
Author - Struts 2 In Practice
Includes coverage of Struts 2.1, Spring, JPA, JQuery, Sitemesh and more
http://www.manning.com/wannemacher
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org