You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by se...@gmx.com on 2003/12/03 19:02:32 UTC
Extending DTD and consequences
Hello all,
I want to ask you for help concerning an extension of the struts config dtd
and how to make these extension available in the javabeans, respectively. In
my case the "roles" tag isn't enough why I added a "security-constraint" tag.
Within a sub-class of RequestProcessor I would like to check if the user in
role satifies the security-constraint to call the corresponding action. A
security-constraint is composed of a module name and a function access
permission. To do checking I need to be able access the securityConstraint-property of
my SessionActionMapping sub-class if I'm right. But I don't now how to tell
the Digester with the right rules how to add the SecurityConstraint bean to
my SessionActionMapping sub-class. There's where I need help.
So first this is how my DTD looks like:
...
<!ELEMENT action-mappings (action*)>
<!ATTLIST action-mappings id ID #IMPLIED>
<!ATTLIST action-mappings type %ClassName; #IMPLIED>
<!-- The "auth-constraint" element describes an AuthConstraint object that
describes which access rights are neccessary to call an action. The
following attributes are defined:
module-name Name of the module where access should be granted.
function-name Name of the function whose access rights should be
granted.
-->
<!ELEMENT auth-constraint EMPTY>
<!ATTLIST auth-constraint
module-name CDATA #REQUIRED
function-name CDATA #REQUIRED>
<!-- The "security-constraint" element describes an SecurityConstraint
object which collects a number of AuthConstraint objects
-->
<!ELEMENT security-constraint (auth-constraint+)>
<!-- The "action" element describes an ActionMapping object that is to be
used
to process a request for a specific module-relative URI. The following
attributes are defined:
<!ELEMENT action (icon?, display-name?, description?, set-property*,
exception*, forward*, security-constraint?)>
<!ATTLIST action id ID #IMPLIED>
...
and this is how my extended struts config look like:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts-config
PUBLIC "-//Sebastian//DTD Struts Configuration 1.1_1//EN"
"struts-config_1_1_RFS1.dtd">
<struts-config>
<!-- Data Sources -->
<data-sources>
</data-sources>
<!-- Form Beans -->
<form-beans>
</form-beans>
<!-- Global Forwards -->
<global-forwards>
</global-forwards>
<!-- Action Mappings -->
<action-mappings type="sample.struts.action.RFSActionMapping">
<action path="/sample-action" type="sample.actions.SampleAction">
<forward name="success" path="success.jsp"></forward>
<forward name="error" path="error.jsp"></forward>
<security-constraint>
<auth-constraint module-name="show" function-name="ordering" />
</security-constraint>
</action>
</action-mappings>
</struts-config>
I wrote an ActionServlet sub-class to define the public id of my dtd for the
digester and activated my ActionServer sub-class threw the web deployment
descriptor. Starting my sample application the action servlet gets correctly
initialized.
Then I added JavaBeans SecurityConstraint and AuthConstraint.
SecurityConstraint contains a property authConstraints type Collection, getter- and
setter-methods and a addAuthConstraint-method. AuthConstraint is a simple JavaBean
with properties moduleName and functionName and getter/setter-methods.
SampleActionMapping extends SessionActionMapping and contains a property of
type SecurityConstraint. Within the struts-config I defined my sample action
mapping globaly for all action mappings.
All this describes works fine. But now the problem raises. Following an
excerpt from my SampleRuleSet:
public class SampleRuleSet extends RuleSetBase {
public void addRuleInstances(Digester digester) {
digester.addObjectCreate(
"struts-config/action-mappings/action/security-constraint",
"sample.struts.config.SecurityConstraint");
digester.addObjectCreate(
"struts-config/action-mappings/action/security-constraint/auth-constraint",
"sample.struts.config.AuthConstraint");
digester.addSetProperties(
"struts-config/action-mappings/action/security-constraint/auth-constraint",
"function-name",
"functionName");
digester.addSetProperties(
"struts-config/action-mappings/action/security-constraint/auth-constraint",
"module-name",
"moduleName");
digester.addSetNext(
"struts-config/action-mappings/action/security-constraint/auth-constraint",
"addAuthConstraint");
I added my sample rule set using the init parameter within the web
deployment descriptor. But I didn't find the way how to tell the digester to add the
SecurityConstraint bean to my sample action mapping.
Impatiently waiting for your answers
regards
Sebastian
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: Extending DTD and consequences
Posted by Manish Singla <Ma...@Sun.COM>.
You may have to extend ActionConfig also.
You wrote:
> I wrote an ActionServlet sub-class to define the public id of my dtd
for the digester.
DO you mean "protected String registrations[]".
And this worked for you????.
Thanks
Manish.
sebastian_linz@gmx.com wrote:
> Hello all,
>
> I want to ask you for help concerning an extension of the struts config dtd
> and how to make these extension available in the javabeans, respectively. In
> my case the "roles" tag isn't enough why I added a "security-constraint" tag.
> Within a sub-class of RequestProcessor I would like to check if the user in
> role satifies the security-constraint to call the corresponding action. A
> security-constraint is composed of a module name and a function access
> permission. To do checking I need to be able access the securityConstraint-property of
> my SessionActionMapping sub-class if I'm right. But I don't now how to tell
> the Digester with the right rules how to add the SecurityConstraint bean to
> my SessionActionMapping sub-class. There's where I need help.
>
> So first this is how my DTD looks like:
>
> ...
> <!ELEMENT action-mappings (action*)>
> <!ATTLIST action-mappings id ID #IMPLIED>
> <!ATTLIST action-mappings type %ClassName; #IMPLIED>
>
>
> <!-- The "auth-constraint" element describes an AuthConstraint object that
> describes which access rights are neccessary to call an action. The
> following attributes are defined:
>
> module-name Name of the module where access should be granted.
>
> function-name Name of the function whose access rights should be
> granted.
> -->
> <!ELEMENT auth-constraint EMPTY>
> <!ATTLIST auth-constraint
> module-name CDATA #REQUIRED
> function-name CDATA #REQUIRED>
>
>
> <!-- The "security-constraint" element describes an SecurityConstraint
> object which collects a number of AuthConstraint objects
> -->
> <!ELEMENT security-constraint (auth-constraint+)>
>
>
> <!-- The "action" element describes an ActionMapping object that is to be
> used
> to process a request for a specific module-relative URI. The following
> attributes are defined:
>
> <!ELEMENT action (icon?, display-name?, description?, set-property*,
> exception*, forward*, security-constraint?)>
> <!ATTLIST action id ID #IMPLIED>
> ...
>
>
> and this is how my extended struts config look like:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE struts-config
> PUBLIC "-//Sebastian//DTD Struts Configuration 1.1_1//EN"
> "struts-config_1_1_RFS1.dtd">
> <struts-config>
>
> <!-- Data Sources -->
> <data-sources>
> </data-sources>
>
> <!-- Form Beans -->
> <form-beans>
> </form-beans>
>
> <!-- Global Forwards -->
> <global-forwards>
> </global-forwards>
>
> <!-- Action Mappings -->
> <action-mappings type="sample.struts.action.RFSActionMapping">
> <action path="/sample-action" type="sample.actions.SampleAction">
> <forward name="success" path="success.jsp"></forward>
> <forward name="error" path="error.jsp"></forward>
> <security-constraint>
> <auth-constraint module-name="show" function-name="ordering" />
> </security-constraint>
> </action>
> </action-mappings>
>
> </struts-config>
>
> I wrote an ActionServlet sub-class to define the public id of my dtd for the
> digester and activated my ActionServer sub-class threw the web deployment
> descriptor. Starting my sample application the action servlet gets correctly
> initialized.
>
> Then I added JavaBeans SecurityConstraint and AuthConstraint.
> SecurityConstraint contains a property authConstraints type Collection, getter- and
> setter-methods and a addAuthConstraint-method. AuthConstraint is a simple JavaBean
> with properties moduleName and functionName and getter/setter-methods.
>
> SampleActionMapping extends SessionActionMapping and contains a property of
> type SecurityConstraint. Within the struts-config I defined my sample action
> mapping globaly for all action mappings.
>
> All this describes works fine. But now the problem raises. Following an
> excerpt from my SampleRuleSet:
>
> public class SampleRuleSet extends RuleSetBase {
>
> public void addRuleInstances(Digester digester) {
>
> digester.addObjectCreate(
> "struts-config/action-mappings/action/security-constraint",
> "sample.struts.config.SecurityConstraint");
>
> digester.addObjectCreate(
>
> "struts-config/action-mappings/action/security-constraint/auth-constraint",
> "sample.struts.config.AuthConstraint");
> digester.addSetProperties(
>
> "struts-config/action-mappings/action/security-constraint/auth-constraint",
> "function-name",
> "functionName");
> digester.addSetProperties(
>
> "struts-config/action-mappings/action/security-constraint/auth-constraint",
> "module-name",
> "moduleName");
> digester.addSetNext(
>
> "struts-config/action-mappings/action/security-constraint/auth-constraint",
> "addAuthConstraint");
>
> I added my sample rule set using the init parameter within the web
> deployment descriptor. But I didn't find the way how to tell the digester to add the
> SecurityConstraint bean to my sample action mapping.
>
> Impatiently waiting for your answers
>
> regards
>
> Sebastian
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
--
Thanks
Manish Singla
x73166
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org