I received the following e-mail from Berny, the author of StrutsCX.
Thanks Matt for hosting a StrutsCX sample. As the author of StrutsCX I do have some news for you: There is a new release with support of FOP/PDF, client side XSLT, XSL pipelineing and included Struts Validator. Check out http://it.cappuccinonet.com/strutscx.
Would be great if you could update on the latest version. Would you mind if I put a link on the StrutsCX Homepage to the Demo?
Thanks,
Berny
I actually upgraded my demo site when I received his e-mail on Saturday, but didn't get around to returning his e-mail until today. I dig the Validator stuff - only seems to be server-side though.
The original blog entry by Robert Rasmussen has disappeared from the Internet (cannot find server) so I'm reproducing it here via Google's caching feature. I've made a few changes to pretty up the formatting, but that's about it.
I've been pulled into a little internal project, and one of the requirements is that users should be able to authenticate with their Windows login and password. IIS may or may not be in the picture.
Since the server is a Windows 2000 machine, this turns out to be extremely simple to do thanks to Andy Armstrong's JAAS login modules.
Once you've downloaded the login modules, set your classpath accordingly and
make sure that the directory holding NTSystem.dll is in your %PATH% variable.
Next, in the "Sample config" folder you'll find a tagish.login
file and a java.security.sample file. The last line in the .sample
file is significant, and it needs to be in your $JAVA_HOME/jre/lib/security
folder (in a file named java.security). You should copy the tagish.login
file there as well. If your users will always be logging into the same domain
(which is the case in my situation), just set the defaultDomain property in
tagish.login, like this:
NTLogin
{
com.tagish.auth.win32.NTSystemLogin required returnNames=true returnSIDs=false defaultDomain=YOUR_DOMAIN_HERE;
};
Now, all you need to do to use Windows authentication in your webapps is to
make one addition to your server.xml file (or to your specific
context's definition):
<Realm className="org.apache.catalina.realm.JAASRealm" debug="99"
appName="NTLogin"
userClassNames="com.tagish.auth.win32.NTPrincipal"
roleClassNames="com.tagish.auth.win32.NTPrincipal" />
I'll admit this config is slightly hokey. If you look at the Catalina JAASCallbackHandler (which is hardwired to JAASRealm), the way that I have the realm configured above pretty much counts on the User principal (in effect, the user name) being the first principal returned. This is evil, but it works. It would be nice if either Catalina allowed a pluggable CallbackHandler so that I could take advantage of the NTPrincipal.getType() method or if Andy's code returned subclasses of NTPrincipal like UserPrincipal or GroupPrincipal that I could specify in server.xml.
Once you've got this all configured, the various groups your users belong to equate to role names (so if I belong to an administrators group, my authenticated user will be in role "administrators"), and you can configure security in your webapps using these roles.
Does anyone know of a comparative analysis of Struts, WebWork, Barracuda and Maverick. I'd love to find a paragraph or two that I could quote in my chapter on Struts. I'm not at all attempting to say that Struts is better than any of these - I just want to give a fair shake to each one. The reason I'm writing this chapter on Struts is because that's what I'm most familiar with.
Thanks,
Matt
If you're having font-size problems with this site since I added the dynamic font re-sizeing, I apologize. It was a problem with the fact that I was using percentages for the base font, rather than pixels. So it set the initial font to 70px rather than 70%!! I've reset the base font to be 11px - deleting your cookies or hitting the "R" button should fix the problem. Tip o' the hat to John Cavacas (no blog from what I can tell).
The Struts Committers are voting on a release plan for a 1.1 Release Candidate. Lots of +1's so far, so I'd expect it in the next couple of days. The release plan says tomorrow is the code freeze date.
