>JAAS deals with person- (thread-) based authorisation and authentication.
>And like you know, security is the todays more critical concern in any
>EIS. What is about firewalls? Specifying how do EJB servers authenticate
>means to specify wich app. server proxies (Gateway/Firewall) EJB-Server's
>use. It's better to leave this concern to the OMG. I hope EJB/J2EE will
>rely to the OMG for interoperability (distribution, security,
>transaction).
>JAAS deals with security implementation details, SUN can integrate it with
>the J2EE RI, but shall not require EJB-server vendors to provide it.
JAAS deals with a Subject and a Subject is a collection of Principals. Why would
we leave this to OMG ?
Gee its been over 6 years since OMG has adopted the Security Service and there
STILL is no
interoperability on IIOP ? That make me just want to just run right over and
embrace OMG. This is not
to Sun has everything right but in the security space its better than OMG.
Thanks,
Anthony Nadalin
_______________________________
mailto:[EMAIL PROTECTED]
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
