I am required to write a security feature where in i need to authenticate user at web tier in a servlet, and again i need to acertain user credentials at ejb tier , in a sesion bean. (Iam not using declarative security mechanism that generally uses deployment tools supplied by vendor)
For this i need to pass/propagate the security context from one tier/server to another tier/server. In my example, its from web server to application server. One way is to pass this data as parameter in every remote call to the session beans' methods. Other way is to use JNDI. But how to access the security context for a user from JNDI without passing the key as parameter to bean's method. =========================================================================== To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff EJB-INTEREST". For general help, send email to [EMAIL PROTECTED] and include in the body of the message "help".
