Deal of the Day

Home » Main » Manning Forums » 2005 » Struts Recipes

Thread: Security: Could you post these classes used in chapter 7

Reply to this Thread Reply to this Thread Search Forum Search Forum Back to Thread List Back to Thread List

Permlink Replies: 4 - Pages: 1 - Last Post: Jul 28, 2005 1:32 PM by: bmraczk
bmraczk

Posts: 6
Registered: 6/27/05
Security: Could you post these classes used in chapter 7
Posted: Jul 22, 2005 6:02 PM
  Click to reply to this thread Reply

Hi;

I am new to Manning. I bought the Struts Recipes book and enjoyed it. However, in chapter 7 example 7.9 you use to classes that are not available on line. They are

com.strutsrecipes.customgaurdaction.business.SecurityComponent

com.strutsrecipes.customgaurdaction.exception.SecurityViolationException.

Can you make these classes available for download? If not could you at least show the SecurityComponent.java file. Of course if you could allow the downloading of the com.strutsrecipes.customgaurdaction directory that would be fine too.

Thank you

George

Posts: 45
From: Toronto
Registered: 4/1/04
Re: Security: Could you post these classes used in chapter 7
Posted: Jul 25, 2005 12:59 PM   in response to: bmraczk in response to: bmraczk
  Click to reply to this thread Reply

Here's SecurityComponent. Of course, any production application worth its salt would go against a database, but that wasn't the main thrust behind this recipe. I guess that's why I didn't include it in the book. For what its worth, here it is ....

package com.strutscookbook.customguardaction.business;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class SecurityComponent {

private static Map users = new HashMap();

static {
List roles = new ArrayList();
roles.add("supervisor");
roles.add("appladmin");
users.put("user1", roles);

roles = new ArrayList();
roles = new ArrayList();
roles.add("manager");
roles.add("trainer");
users.put("user2", roles);
}

public boolean isAuthorized(String user, String role) {

List list = (List) users.get(user);

//no user
if (list == null) {
return (false);
}

//is role in list
return (list.contains(role));

}
}


Here's SecurityViolationException. Lately, I've been favoring unchecked exceptions. http://www.artima.com/intv/handcuffs2.html , but this recipe does it the old fashion way.

package com.strutscookbook.customguardaction.exceptions;

public class SecurityViolationException extends Exception {
}

bmraczk

Posts: 6
Registered: 6/27/05
Re: Security: Could you post these classes used in chapter 7
Posted: Jul 25, 2005 5:45 PM   in response to: George in response to: George
  Click to reply to this thread Reply

Hi;

Thank you!

So you did not use the roles set in the tomcat-users file. I thought that you were accessing that information using the SecurityComponent.java. Are there interfaces to the tomcat-users file?

Thank you for the exception information. I realized that you discuss that earlier in the book in chapter 5. Boy do I feel stupid!! :>|

George

Posts: 45
From: Toronto
Registered: 4/1/04
Re: Security: Could you post these classes used in chapter 7
Posted: Jul 25, 2005 8:53 PM   in response to: bmraczk in response to: bmraczk
  Click to reply to this thread Reply

You might be looking for recipe 7.4 Secure an action mapping using the container instead of 7.5 Customized action mapping security.

Both recipes secure action mapping, but 7.5 uses the container and 7.4 shows you how to tap into your own security mechanism using Struts. Check out recipe 7.4. Simply define username and roles in tomcat as you normally would. Once that is done, all you need to do is add a "roles" attribute to your <action> tag with a comma delimited list of roles.

bmraczk

Posts: 6
Registered: 6/27/05
Re: Security: Could you post these classes used in chapter 7
Posted: Jul 28, 2005 1:32 PM   in response to: George in response to: George
  Click to reply to this thread Reply

Thank you! I am realy trying to control where the user is sent if he does not have the proper role. I'd like the user to end up back at my login screen. I will reread 7.4. Thank you for your time.

Legend
Gold: 300 + pts
Silver: 100 - 299 pts
Bronze: 25 - 99 pts
Manning Author
Manning Staff
Manning Developmental Editor