> Uday Kamath wrote:
>
> Hi
> We are trying to evaluate JONAS for our enterprise solution..Reading
> the
> documents, have following question.
> 1. Can JONAS Security work without the TOMCAT/Servlet. We need clients
> to
> login and containers to authenticate the access rights and method
> privileges etc, without
> tomcat in between?
> Thanks in anticipation
> Regards
> Uday
>
> Sr. Software Engineer
> www.dharbor.com
We were talking about TOMCAT because it provides an authentication
process
that JOnAS doesn't provide.
If you are not interested by TOMCAT and you have your own authentication
process
you can use JOnAS security mechanisms for propagating the security
context
and access control as specified in the EJB Specification.
All you will have to do after authentication is to create a Security
Context
and associates it to the current thread, something like that:
import org.enhydra.security.avs.api.SecurityCurrent ;
import org.enhydra.security.avs.api.SecurityContext ;
Principal principal = xxxxxx.getUserPrincipal() ;
SecurityContext ctx = new SecurityContext (principal.getName()) ;
SecurityCurrent current = SecurityCurrent.getCurrent () ;
current.setSecurityContext(ctx) ;
I hope it helps
Best regards,
--
Philippe
Philippe Coq Evidian Phone: (33) 04 76 29 78 49
Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
Download our EJBServer at http://www.objectweb.org
----
This list is cross-posted to two mail lists. To unsubscribe,
follow the instructions below for the list you subscribed to.
For objectweb.org: send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe ejb-container-group".
For enhydra.org: send email to [EMAIL PROTECTED] and include
in the body of the message "unsubscribe ejb-container-group".
