You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Vincent PROSPER <Vi...@Alkinos.com> on 2002/10/24 19:34:55 UTC
[tiles:put / logic:present] lost 'role' attribute
Hi,
Ok, my question may be obvious for some of yours, but I guess I am not the
only newbie having this kind of trouble (I hope ;-)
All I wanna do is to customize jsp pages (made of struts tiles) depending on
user's role.
Here is my trouble:
I've got a tile (among others with same concerns wrt roles) that displays a
'logout' link, and that is used on each jsp page of my portal.
The trouble is !THIS IS A PORTAL!
...that is to say some jsp are access protected, some others are not...
For the formers, all is OK, but concerning the latters, I loose the user's
role since Tomcat doesn't transmit it to the session for such kind of pages.
My questions are the following:
1. Is there any trick (config files?) to tell Tomcat to keep roles
avalaible, even when accessing public pages?
2. If not, can I force the "role" attribute either in tiles:put or in
logic:present in order to get the right JAAS role that is stored in the
container?
3. If not, I'd better try to gather all my jsp in the security url-pattern
and try to set a default user on public pages... If somebody knows how to do
this (positionning a default user without an authentication popup), please
tell me!
4. Is there another solution?
Thanks in advance for your answers.
Vince
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: [tiles:put / logic:present] lost 'role' attribute
Posted by Cedric Dumoulin <ce...@apache.org>.
Hi,
Vincent PROSPER wrote:
>Hi,
>
>Ok, my question may be obvious for some of yours, but I guess I am not the
>only newbie having this kind of trouble (I hope ;-)
>
>All I wanna do is to customize jsp pages (made of struts tiles) depending on
>user's role.
>
>Here is my trouble:
>I've got a tile (among others with same concerns wrt roles) that displays a
>'logout' link, and that is used on each jsp page of my portal.
>The trouble is !THIS IS A PORTAL!
>...that is to say some jsp are access protected, some others are not...
>For the formers, all is OK, but concerning the latters, I loose the user's
>role since Tomcat doesn't transmit it to the session for such kind of pages.
>
>
The method 'isUserInRole(role)' is on the request object. The session
tracks if the user is authenticated. but it is transparent from the
'isUserInRole(role)' point of view.The role checking work in nested tiles.
What doesn't work, is the automatic password popup if the check is
done in a nested tiles, and user is not authenticated. A solution could
be to put a role checking in the root tiles (generally the master
template).
Another solution is to have a logon page performing the
authentication. Nested Tiles will be shown only if the user is
authenticated.
>My questions are the following:
>
>1. Is there any trick (config files?) to tell Tomcat to keep roles
>avalaible, even when accessing public pages?
>
>2. If not, can I force the "role" attribute either in tiles:put or in
>logic:present in order to get the right JAAS role that is stored in the
>container?
>
>3. If not, I'd better try to gather all my jsp in the security url-pattern
>and try to set a default user on public pages... If somebody knows how to do
>this (positionning a default user without an authentication popup), please
>tell me!
>
>4. Is there another solution?
>
>Thanks in advance for your answers.
>
>Vince
>
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: [tiles:put / logic:present] lost 'role' attribute
Posted by Vincent PROSPER <Vi...@Alkinos.com>.
Hi,
could you please give some answer to this crucial problem?
Should I use cookies or any other trick to proceed?
Thanks in advance for your answers.
Vince
-----Original Message-----
From: Vincent PROSPER [mailto:Vincent.Prosper@Alkinos.com]
Sent: Thursday, October 24, 2002 7:35 PM
To: struts-user@jakarta.apache.org
Subject: [tiles:put / logic:present] lost 'role' attribute
Hi,
Ok, my question may be obvious for some of yours, but I guess I am not the
only newbie having this kind of trouble (I hope ;-)
All I wanna do is to customize jsp pages (made of struts tiles) depending on
user's role.
Here is my trouble:
I've got a tile (among others with same concerns wrt roles) that displays a
'logout' link, and that is used on each jsp page of my portal.
The trouble is !THIS IS A PORTAL!
...that is to say some jsp are access protected, some others are not...
For the formers, all is OK, but concerning the latters, I loose the user's
role since Tomcat doesn't transmit it to the session for such kind of pages.
My questions are the following:
1. Is there any trick (config files?) to tell Tomcat to keep roles
avalaible, even when accessing public pages?
2. If not, can I force the "role" attribute either in tiles:put or in
logic:present in order to get the right JAAS role that is stored in the
container?
3. If not, I'd better try to gather all my jsp in the security url-pattern
and try to set a default user on public pages... If somebody knows how to do
this (positionning a default user without an authentication popup), please
tell me!
4. Is there another solution?
Thanks in advance for your answers.
Vince
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>