You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@velocity.apache.org by ma...@apache.org on 2004/01/30 03:47:28 UTC
cvs commit: jakarta-velocity-tools/xdocs/struts SecureLinkTool.xml
marino 2004/01/29 18:47:28
Added: xdocs/struts SecureLinkTool.xml
Log:
Some documentation for the SecureLinkTool
Revision Changes Path
1.1 jakarta-velocity-tools/xdocs/struts/SecureLinkTool.xml
Index: SecureLinkTool.xml
===================================================================
<?xml version="1.0"?>
<document>
<properties>
<title>SecureLinkTool</title>
<author email="marino@apache.org">Marino A. Jonsson</author>
<projectfile>xdocs/struts/menu.xml</projectfile>
</properties>
<body>
<section name="SecureLinkTool Reference Documentation">
<p>The SecureLinkTool extends the standard
<a href="../view/LinkTool.html">LinkTool</a> and has the exact same interface as
<a href="StrutsLinkTool.html">StrutsLinkTool</a>. It should substitute the
<a href="StrutsLinkTool.html">StrutsLinkTool</a> in the toolbox if
<a href="http://sslext.sourceforge.net">SSL Ext</a> is installed.
It's functionality is a subset of the functionality provided by the
sslext tag library for JSP.</p>
<p>The SSL Ext. Struts extension package makes it possible to declare Struts actions
secure, non-secure, or neutral in the struts config like so:</p>
<sourcecode>
<action path="/someSecurePath" type="some.important.Action">
<set-property property="secure" value="true"/>
<forward name="success" path="/somePage.vm" />
</action>
</sourcecode>
<p>If an action is declared secure the SecureLinkTool will render the relevant link
as https (if not already in ssl-mode). In the same way, if an action is declared
non-secure the SecureLinkTool will render the relevant link as http (if in ssl-mode).
If the action is declared as neutral (with a "secure" property of "any") then the
SecureLinkTool won't force a protocol change either way.<br/> If the custom
request processor is also used then a request will be redirected to the correct
protocol if an action URL is manually entered into the browser with the wrong protocol</p>
<p>These are the steps needed to enable SSL Ext:</p>
<ul>
<li>SSL connections need to be enabled on the webserver.</li>
<li>The Java Secure Socket Extension (JSSE) package needs to be in place (it's
integrated into the Java 2 SDK Standard Edition, v. 1.4 but optional for earlier
versions)</li>
<li>In toolbox.xml the SecureLinkTool should substitute the StrutsLinkTool</li>
<li>In struts-conf.xml the custom action-mapping class needs to be specified</li>
<li>In struts-conf.xml the custom controller class can optionally be specified
(if the redirect feature is wanted)</li>
<li>In struts-conf.xml the SecurePlugIn needs to be added</li>
<li>In struts-conf.xml, when using Tiles, the SecureTilesPlugin substitues both the
TilesPlugin and the SecurePlugIn and it also takes care of setting the correct
controller so there is no need to specify the custom controller.</li>
</ul>
<p>Check out the SSL Ext. <a href="http://sslext.sourceforge.net">project home</a>
for more information.</p>
<toolinfo>
<version>@@@version@@@, @@@date@@@</version>
<clazz>org.apache.velocity.tools.struts.SecureLinkTool</clazz>
<name>$link</name>
<author email="sidler@teamup.com">Gabriel Sidler</author>
<author email="nathan@esha.com">Nathan Bubna</author>
<author email="marinoj@centrum.is">Marino A. Jonsson</author>
<config-example><tool>
<key>link</key>
<scope>request</scope>
<class>org.apache.velocity.tools.struts.SecureLinkTool</class>
</tool></config-example>
</toolinfo>
</section>
</body>
</document>
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org