All geek questions in one place

Struts 2.isUserInRole Access Request

I am developing a small Java EE application using Struts 2 and Rest Services through a J7SS AS7 server.

I use FORM auth for REST and web content, and I have no problems with REST, but on the Internet I have to distinguish between the roles "manager" and "admin" to show some additional admin users.

I would like to do something like:

 <s:if test="#request.isUserInRole("admin")>

but that will not work.

Do you know any way so that I can achieve something like this? How do I distinguish roles in my JSP pages?

+4
source share
2 answers

You can use PrincipalAware to implement it using the action used to render the JSP. When you implement it in action, Struts2 introduces a PrincipalProxy object to your action. Ensure that the servlet-config interceptor is applied to the action.

 public class MyAction extends ActionSupport implements PrincipalAware { protected PrincipalProxy principal; public void setPrincipalProxy(PrincipalProxy principalProxy) { this.principal = principalProxy; } public PrincipalProxy getPrincipal() { return principal; } }

This object can be found in valueStack on the JSP page and do something like

 <s:if test="principal.isUserInRole('admin')">

You can also access this information from How to Get Security Information (JAAS).

+1
source

I solved it as follows:

importing:

 <jsp:directive.page import="com.opensymphony.xwork2.util.ValueStack"/> <jsp:directive.page import="com.opensymphony.xwork2.ActionContext"/> <jsp:directive.page import="org.apache.struts2.ServletActionContext"/>

then a styling request with:

 <jsp:scriptlet><![CDATA[ ValueStack stack = ActionContext.getContext().getValueStack(); stack.set("httpServletRequest", ServletActionContext.getRequest()); ]]></jsp:scriptlet>

and check the roles:

 <s:if test="httpServletRequest.isUserInRole('admin')">
0
source

Source: https://habr.com/ru/post/1485163/

More articles:


All Articles