Re: Best Authentication Approach

Francis Pouatcha Sat, 16 Sep 2000 03:25:22 -0700
Hi,

you don't have any authentication problem. Whatever techn. (LDAP, RDBMS,
File) you use to implement your reaml, organise your groups in a
hierarchical maner (so that E included_in D included_in C ... ).
Configure your security policy to reflect that groups (go into your web
archive DD and define security roles matching A, B, C ..., associate
them with resources you want to protect).

"Bolt, Dave" wrote:
>
> I have been debating the best way to authenticate users on our web app. The
> app is a Model 2 style servlet/jsp app with EJBs on the backend (AKA Java
> Blueprints).
>
> Our site has material that is graded for different levels of access. Our
> security needs are as follows.
>
> public access (Anonymous)
> Authenticated Access A
> Authenticated Access B
> Authenticated Access C
> Authenticated Access D
> Authenticated Access E
>
> Members of group B can see any public info and any info graded as A or B
> Members of group C can see public, A, B, or C info
> and so on...
>
> Think of the info as being classified (though it is not) as public,
> confidential, secret, top-secret, compartmented, etc.
>
> What is the best way to authenticate our web users?
>
> JNDI
> RDMBS (Oracle or SQL Anywhere)
> Other
>
> We would like the solution to be a single-sign-on solution and I have access
> to a copy of Netscape's Directory (LDAP) server (version 4.1)
>
> We have not yet chosen an EJB/Servlet/JSP container.
>
> Dave Bolt
> ATSC/SPAWAR ASAT Team
> Bolt's Law of Bandwidth - There is always plenty of network bandwidth, just
> none for you.
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST".  For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".

--
[EMAIL PROTECTED]

MATHEMA Software GmbH
N�gelsbachstra�e 25 b
91052 E r l a n g e n
D e u t s c h l a n d
Tel +49(0)9131/8903-0
Fax +49(0)9131/8903-55
http://www.mathema.de

===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST".  For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
Re: Best Authentication Approach

Reply via email to
