VisualBuilder
  Home > Jsp > Tutorials > Security in Struts - Struts Tutorial
Tell a friend
Link to us
Total Members
      Members: 84661
     
Sitemap Forum Chat
Home
Struts Tutorial Home
1 . What is Struts?
2 . Why do we need Struts?
3 . Advantages of Struts
4 . Setting up Eclipse for Web Development
5 . Registration Case Study
6 . Setting up Struts project in Eclipse
7 . Creating an ODBC Data source
8 . Configuring Application Server
9 . Struts Configuration
10 . Writing the User class
11 . ResourceManager
12 . Writing the Struts Business Component
13 . Creating the Action Class
14 . Adding ActionForward
15 . Deploy the Struts Application
16 . Adding the Form bean
17 . Configuring Form Bean in struts-config.xml
18 . Using Struts Tag Libraries
19 . Listing all Users - Struts Iterator Looping
20 . Add User Action - New Struts Action Class
21 . Add User View
22 . Validating Struts Form Bean
23 . Review of the Struts Tutorial
24 . Introduction
25 . DispatchAction
26 . DispatchAction Example Continued...
27 . Introduction to DynaActionForm
28 . DynaActionForm Example Continued...
29 . Struts solution to Duplicate Form Submission (Token mechanism)
30 . Introduction to Validation framework
31 . Example Continued Validation Framework.
32 . Client Side Validation
33 . Introduction to Standard Validator-Rules.xml
34 . Creating custom Valdator rules
35 . Extending the Validator Rules with the inherited SubForm Classes.-2
36 . Internationalization in struts application
37 . Exception Handling in Struts
38 . Creating Custom Exception Handlers in Struts-1
39 . Creating Custom Exception Handlers in Struts.-2
40 . Creating Plugin for the Struts Application. -1
41 . Creating Plugin for the Struts Application. -2
42 . WildCard Character mapping for the Actions-1.
43 . WildCard Character mapping for the Actions-2.
44 . WildCard Character mapping for the Actions-3.
45 . Uploading the Files to Server Using Struts-1
46 . Uploading the Files to Server Using Struts-2
47 . Introduction to Modules in Struts Application
48 . Modules Example-1
49 . Modules Example-2
50 . Customizing the ActionServlet Class for the application-1.
51 . Customizing the ActionServlet Class for the application-2.
52 . Customizing the ActionServlet Class for the application-3.
53 . Customizing the ActionServlet Class for the application-3.
54 . Customizing RequestProcessor Class for the application-1.
55 . Customizing RequestProcessor Class for the application.-2
56 . ComposableRequestProcessor in Struts 1.3
57 . Adding New Command Objects in Struts CoR Pattern
58 . Security in Struts
59 . Example for the Application Managed Security-1
60 . Example for the Application Managed Security-2
 
 
JSP Home
JSP Members (18709)
JSP Member Articles ( 11 )
JSP Discussion (71)
JSP Q & A ( 87 )
- JSP Ask Question
- JSP Questions
- JSP Unanswered Questions
JSP Resources
JSP Source Code (172)
JSP Articles (34)
JSP Blogs (333)
JSP Jobs (0)
JSP Components (10)
JSP Books (9)
JSP Websites (13)
JSP News (12)
 
GROUPS
.NET
ASP.NET
.NET
C#
ASP
Visual Basic
Java
Java
JSP
EJB
Other
Delphi
C++
Ajax
UML
JavaScript
PHP
Web Design
Web Hosting
SQL Server
Oracle
Project Management
More Groups

 
LEARNING CENTER
TUTORIALS
.NET
.NET Tutorial
ASP Tutorial
ASP.NET Database Tutorial
ASP.Net Security,Internationalisation And Deployment
ASP.NET Tutorial
C# Tutorial
Web Development
Flex Tutorial
HTML Tutorial
Learn AJAX Tutorial
PHP Tutorial
Software Development
Database Tutorial
SQL Tutorial
UML Tutorial
Java
Ant Tutorial
EJB 3 Tutorial
Hibernate Tutorial
Java Tutorial
Java Web Component Tutorial
Java XML Tutorial
JDBC Tutorial
JDK1.5 Tutorial
JSF Tutorial
JSP And J2EE Design Tutorial
JSP Tutorial
Spring Tutorial
Struts Tutorial

RESOURCES
Q & A (451 )
Source Code (3275 )
Articles (359 )
Books (372 )
Components (1596 )
News (892 )
Websites (1207 )

SUBMISSIONS
Submit Article
Submit Website
Submit News
Submit Source Code
Submit Component

COMMUNITY
Members Directory
Discussion Forum
Chat

SITE
About Us
Sitemap
Search
Contact Us
Link To Us
Feedback
Tell a Friend
Partners
Advertise

Jsp struts Tutorial
 Security in Struts
  << Prev: Adding New Command Objects in Struts CoR Pattern Next: Example for the Application Managed Security-1 >>















Implementation For Container ManagedImplementation For Application Managed


  • Authentication and Authorization are specified in web.xml.

  • It uses multiple authentication schemes, such as Password Authentication Form-based Authentication Client side Digital Certificates etc..

  • Redirects are handled automatically.

  • User data can be provided by a variety of stores xml file or flat files. In tomcat the Data is provided in TOMCAT_HOME/conf/tomcat-users.xml




  • Extending RequestProcessor (in previous versions)or AuthorizeAction (After 1.3).

  • Cookies

  • Using Servlet Filters.

  • Using SSLEXT with Struts to enable HTTPS.



 


The following is the Example to implement the Container Specific Security in Tomcat.


 


(1) tomcat-user.xml File


 


<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
    <role rolename="tomcat"/>
    <role rolename="role1"/>
    <role rolename="admin"/>
    <user username="tomcat" password="tomcat" roles="tomcat"/>
    <user username="both" password="tomcat" roles="tomcat,role1"/>
    <user username="role1" password="tomcat" roles="role1"/>
    <user username="visualbuilder" password="test" roles="admin"/>
</tomcat-users>


(2) Web.xml file


<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
    <servlet-name>action</servlet-name>
    <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
    <init-param>
        <param-name>config</param-name>
        <param-value>/WEB-INF/struts-config.xml</param-value>
    </init-param>
    <load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>action</servlet-name>
    <url-pattern>*.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>application</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>securityapp</realm-name>
</login-config>
<security-role>
    <description>Testing the Application Security</description>
    <role-name>admin</role-name>
</security-role>
</web-app>


Output:-


The following screen appears when you try to run the application. It will ask for username and password and once you enter "visualbuilder" as username and "test" as password then only it will display the pages of the application.
  << Prev: Adding New Command Objects in Struts CoR Pattern Next: Example for the Application Managed Security-1 >>
Jsp Struts Tutorial Home
Give feedback and win a prize.

 
   Printer Friendly
   Email to a friend
   Add to my Favourites    
  Download PDF version
   Report Bad Submissions
   Submit Feedback
 
  Delicious   Digg   Technorati   Blink   Furl   Reddit   Newsvine   Google Click each image to add
this page to each site.
 
 
Welcome Guest Signup
MEMBER'S PANEL
EMAIL
PASSWORD
Forgot your password?
New User? Click Here!
 
Resend Activation Email!
 
SEARCH
 
 
 
ADVERTISEMENT
Partner List
Code Project
ASP Alliance
More
 
 
 
 

Home | Login | About Us | Contact Us | Privacy Policy | Advertising

© copyright 1999-2008 VisualBuilder.com