You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by MOHAN RADHAKRISHNAN <mr...@cellexchange.com> on 2004/04/12 17:33:44 UTC
override isUserInRole
Hi
I am looking for ways to bypass CMA in one case which requires an
anonymous user to view some data.
1. I am trying to use
public class RequestWrapper extends HttpServletRequestWrapper{
private HttpServletRequest request;
public RequestWrapper( HttpServletRequest req ){
super( req );
}
public boolean isUserInRole( String role ){
return true;
}
}
I know that this is one approach. How would this work if I were using a
servlet filter ? I'd like to know how to use this to fool CMA.
2. The other approach is to use multiple security constraints in web.xml
I have a problem again.
How can I use URL pattern matching for /switch.do?prefix=/x&page=/x.do ?
I am using modules.
I want to move it into a separate security constraint section without
roles.
Appreciate help. Is what I am trying to do feasible ?
Mohan
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org