[prev in list] [next in list] [prev in thread] [next in thread] 

List:       struts-user
Subject:    Re: [S2] User authentication best practice (2nd time...)
From:       "Joe Germuska" <joe () germuska ! com>
Date:       2007-01-31 20:22:20
Message-ID: 242960fe0701311222q42a166c6o2a07779c86b4db38 () mail ! gmail ! com
[Download RAW message or body]


On 1/31/07, Sébastien LABEY <sebastien.labey@gmail.com> wrote:
>
> Hi all (sorry for the previous unterminated mail),
>
> I would like to know if S2 provides a solution to manage user
> authentication.


In short, no.  S2 has a RolesInterceptor which allows you to specify that
users in certain roles are allowed or disallowed from proceeding to the
action invocation.  This uses HttpServletRequest's isUserInRole method, so
it leverages any authentication system which can be tested through that.

Anything more would be hard to find the sweet spot for the right number of
users.

If someone had the right idea, perhaps someone could leverage the plugin
framework to provide support for authentication.

Joe

-- 
Joe Germuska
Joe@Germuska.com * http://blog.germuska.com

"The truth is that we learned from Joăo forever to be out of tune."
-- Caetano Veloso


[prev in list] [next in list] [prev in thread] [next in thread]