You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Michel Bertrand <mi...@datasul.com.br> on 2003/10/10 13:46:10 UTC
Struts and Tomcat JDBC Realms
Hi all !
I was woundering about using Struts in Tomcat with JDBC Realms.
I found lots of topics about Strunts and Realms but using policy files
and I did not find any question or topic involving struts and JDBC Reals.
Does struts support the use of JDBC Realms in Tomcat ? I don't intent
to use it to proctect my Actions, but to protect my "jsp" pages under
some specific app directories.
I tried to implement this running Tomcat in Security Mode but I have
some SecurityExceptions in some actions. Is it common ? Could I
solve it setting priviledges to struts.jar in my catalina.policy ?
And so, does anybody implemented Struts + JDBC Realms + Tomcat ?
Thanks in advance,
Michel.
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: Struts and Tomcat JDBC Realms
Posted by Adam Hardy <ah...@cyberspaceroad.com>.
On 10/10/2003 01:46 PM Michel Bertrand wrote:
> Hi all !
>
> I was woundering about using Struts in Tomcat with JDBC Realms.
>
> I found lots of topics about Strunts and Realms but using policy files
> and I did not find any question or topic involving struts and JDBC Reals.
>
> Does struts support the use of JDBC Realms in Tomcat ? I don't intent
> to use it to proctect my Actions, but to protect my "jsp" pages under
> some specific app directories.
>
> I tried to implement this running Tomcat in Security Mode but I have
> some SecurityExceptions in some actions. Is it common ? Could I
> solve it setting priviledges to struts.jar in my catalina.policy ?
>
> And so, does anybody implemented Struts + JDBC Realms + Tomcat ?
Yes, many people do! Using a tomcat realm for authentication with
standard security-constraints is not normally problematic.
Setting up struts to make use of realm authorization (for roles) is
child's play (as long as your database contains the roles & links to the
users). Just put the "role" attribute in the action mapping in the config.
Where & when are you getting these exceptions? Also, policy files don't
need to come into it at all. Doing anything with priviliges to
struts.jar is something I've never heard of. I think you are coming to
the subject with a mindset for a different type of authentication &
authorization system - what you require from tomcat & struts is not too
complex.
Adam
--
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org