Santiago Gala
Mon, 26 Feb 2001 15:21:47 -0800
Steve Freeman escribió: > > Santiago, > > The problem is that the built-in code is per-process (read: per-JVM) and it > not the required per-thread which we need for Jetspeed. So we couldn't use > the internal stuff without extending the Jetspeed code to do the ACL > checking. Let me be *very* clear: The Jetspeed code *must* initiate the > ACL processing. If I understand correctly, it is because we need to act on behalf of a different (Subject/Principal,younameit) for each incoming request --> potentially new thread. > > JAAS allows you to plug in new auth mechanisms. It still has the problem > as per the above statement. I think doAs() will work correctly, but I could be wrong. Still, JAAS *requires* jdk1.3, and I don't think we can throw away jdk1.2 compatibility yet. I noticed it today. -- -------------------------------------------------------------- To subscribe: [EMAIL PROTECTED] To unsubscribe: [EMAIL PROTECTED] Search: <http://www.mail-archive.com/jetspeed@list.working-dogs.com/> List Help?: [EMAIL PROTECTED]