So we have a bunch of security infrastructure there that keeps growing, but none of it is used anywhere. Is it possible we could get some of this hooked in?
Obviously this is an integration point that will require code changes in Geronimo, Jetty, and OpenEJB. We wouldn't be tied to each other specifically, but to the JAAS and JACC specs as required by J2ee 1.4 Anyone have any feedback on what it will take to get the following working? 1. Authentication: JAAS Login from Servlet container on any Form or Basic auth request. 2. Authorization: JACC permissions checks by the servlet container. 3. Authorization: JACC permissions checks by the ejb container. -David
