You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Joseph McGranaghan <dr...@draegoonz.com> on 2006/12/10 23:59:15 UTC
Struts 1.3.5 and SSL
Sorry, but I just can't get a clear understanding of a solution
for Struts 1.3.5 and SSL. I've always used sslext to ensure my
pages are secured.
So now if I want to use the new ComposableRequestProcessor,
how can I implement this functionality.
I've searched and I can't find the solution.
Thanks,
Joe
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Joseph McGranaghan <dr...@draegoonz.com>.
Thanks for your input Wendy.
The most relevant thread I've found is
http://marc.theaimsgroup.com/?l=struts-user&m=116112041327956&w=2
The struts wiki page http://wiki.apache.org/struts/StrutsUpgradeNotes12to13
documents the fix for the missing tiles commands.
-Joe
Wendy Smoak wrote:
> on 12/11/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
>
>> - Do I start with the default ComposableRequestProcessor?
>>
>> - Do I gut the org.apache.struts.action.SecureTilesRequestProcessor and
>> add it to commands
>>
>> - Do I need to alter the underlying struts chain-config, override it, or
>> just add commands in another chain-config
>
> I don't think you'll have to touch the ComposableRequestProcessor itself.
>
> The supplied chain config file is in
> org/apache/struts/chain/chain-config.xml of the struts-core jar. (Or
> org/apache/struts/tiles/chain-config.xml if you're using the one from
> Tiles. [1])
>
> I think you would use one of those chain config files as a starting
> point, write another command (or chain of commands,) and configure the
> framework to use your replacement chain config file.
>
> But I haven't tried it myself. :)
>
> [1] IIRC, the chain config file for Tiles in 1.3.5 is missing a couple
> of commands and you'll need to add them.
>
> HTH
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Wendy Smoak <ws...@gmail.com>.
on 12/11/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
> - Do I start with the default ComposableRequestProcessor?
>
> - Do I gut the org.apache.struts.action.SecureTilesRequestProcessor and
> add it to commands
>
> - Do I need to alter the underlying struts chain-config, override it, or
> just add commands in another chain-config
I don't think you'll have to touch the ComposableRequestProcessor itself.
The supplied chain config file is in
org/apache/struts/chain/chain-config.xml of the struts-core jar. (Or
org/apache/struts/tiles/chain-config.xml if you're using the one from
Tiles. [1])
I think you would use one of those chain config files as a starting
point, write another command (or chain of commands,) and configure the
framework to use your replacement chain config file.
But I haven't tried it myself. :)
[1] IIRC, the chain config file for Tiles in 1.3.5 is missing a couple
of commands and you'll need to add them.
HTH
--
Wendy
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: Struts 1.3.5 and SSL
Posted by Scott Purcell <sp...@ilevy.com>.
I was trying to follow this thread and didn't see any responses? Has
this been answered off-line? Just curious.
Thanks,
-----Original Message-----
From: Joseph McGranaghan [mailto:draegoonZ@draegoonz.com]
Sent: Monday, December 11, 2006 6:34 AM
To: Struts Users Mailing List
Subject: Re: Struts 1.3.5 and SSL
Could you be more clear?
- Do I start with the default ComposableRequestProcessor?
- Do I gut the org.apache.struts.action.SecureTilesRequestProcessor and
add it to commands
- Do I need to alter the underlying struts chain-config, override it, or
just add commands in another chain-config
The biggest problem is that I can't find good documentation on this or
examples.
SSL in struts should be a flick of a flag.
Can anyone point me to some good info?
The best I found was the infonia article, but it leaves a lot of
questions.
Thanks,
Joe
Paul Benedict wrote:
> Write yourself a Command and add it into the chain.
>
> Joseph McGranaghan wrote:
>>
>>
>> Sorry, but I just can't get a clear understanding of a solution
>> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
>> pages are secured.
>>
>> So now if I want to use the new ComposableRequestProcessor,
>> how can I implement this functionality.
>>
>> I've searched and I can't find the solution.
>>
>> Thanks,
>>
>> Joe
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Joseph McGranaghan <dr...@draegoonz.com>.
Could you be more clear?
- Do I start with the default ComposableRequestProcessor?
- Do I gut the org.apache.struts.action.SecureTilesRequestProcessor and
add it to commands
- Do I need to alter the underlying struts chain-config, override it, or
just add commands in another chain-config
The biggest problem is that I can't find good documentation on this or
examples.
SSL in struts should be a flick of a flag.
Can anyone point me to some good info?
The best I found was the infonia article, but it leaves a lot of questions.
Thanks,
Joe
Paul Benedict wrote:
> Write yourself a Command and add it into the chain.
>
> Joseph McGranaghan wrote:
>>
>>
>> Sorry, but I just can't get a clear understanding of a solution
>> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
>> pages are secured.
>>
>> So now if I want to use the new ComposableRequestProcessor,
>> how can I implement this functionality.
>>
>> I've searched and I can't find the solution.
>>
>> Thanks,
>>
>> Joe
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Paul Benedict <pb...@apache.org>.
Write yourself a Command and add it into the chain.
Joseph McGranaghan wrote:
>
>
> Sorry, but I just can't get a clear understanding of a solution
> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
> pages are secured.
>
> So now if I want to use the new ComposableRequestProcessor,
> how can I implement this functionality.
>
> I've searched and I can't find the solution.
>
> Thanks,
>
> Joe
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Niall Pemberton <ni...@gmail.com>.
great, thanks for feeding back :-)
Niall
On 12/13/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
> Yep, everything seems to work fine besides other upgrade issues.
>
> Thanks again.
>
> Joseph McGranaghan wrote:
> > Thanks Naill, you're the man! :-)
> >
> > I'll reply my results to the list.
> >
> > -Joe
> >
> > Niall Pemberton wrote:
> >> On 12/10/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
> >>>
> >>> Sorry, but I just can't get a clear understanding of a solution
> >>> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
> >>> pages are secured.
> >>>
> >>> So now if I want to use the new ComposableRequestProcessor,
> >>> how can I implement this functionality.
> >>
> >> I've added a page describing what you need to do - plus a jar file
> >> with an appropriate command and chain config:
> >>
> >> http://www.niallp.pwp.blueyonder.co.uk/sslext.html
> >>
> >> Niall
> >>
> >>
> >>> I've searched and I can't find the solution.
> >>>
> >>> Thanks,
> >>>
> >>> Joe
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Joseph McGranaghan <dr...@draegoonz.com>.
Yep, everything seems to work fine besides other upgrade issues.
Thanks again.
Joseph McGranaghan wrote:
> Thanks Naill, you're the man! :-)
>
> I'll reply my results to the list.
>
> -Joe
>
> Niall Pemberton wrote:
>> On 12/10/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
>>>
>>> Sorry, but I just can't get a clear understanding of a solution
>>> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
>>> pages are secured.
>>>
>>> So now if I want to use the new ComposableRequestProcessor,
>>> how can I implement this functionality.
>>
>> I've added a page describing what you need to do - plus a jar file
>> with an appropriate command and chain config:
>>
>> http://www.niallp.pwp.blueyonder.co.uk/sslext.html
>>
>> Niall
>>
>>
>>> I've searched and I can't find the solution.
>>>
>>> Thanks,
>>>
>>> Joe
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Joseph McGranaghan <dr...@draegoonz.com>.
Thanks Naill, you're the man! :-)
I'll reply my results to the list.
-Joe
Niall Pemberton wrote:
> On 12/10/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
>>
>> Sorry, but I just can't get a clear understanding of a solution
>> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
>> pages are secured.
>>
>> So now if I want to use the new ComposableRequestProcessor,
>> how can I implement this functionality.
>
> I've added a page describing what you need to do - plus a jar file
> with an appropriate command and chain config:
>
> http://www.niallp.pwp.blueyonder.co.uk/sslext.html
>
> Niall
>
>
>> I've searched and I can't find the solution.
>>
>> Thanks,
>>
>> Joe
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Struts 1.3.5 and SSL
Posted by Niall Pemberton <ni...@gmail.com>.
On 12/10/06, Joseph McGranaghan <dr...@draegoonz.com> wrote:
>
> Sorry, but I just can't get a clear understanding of a solution
> for Struts 1.3.5 and SSL. I've always used sslext to ensure my
> pages are secured.
>
> So now if I want to use the new ComposableRequestProcessor,
> how can I implement this functionality.
I've added a page describing what you need to do - plus a jar file
with an appropriate command and chain config:
http://www.niallp.pwp.blueyonder.co.uk/sslext.html
Niall
> I've searched and I can't find the solution.
>
> Thanks,
>
> Joe
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org