Authentication and authorization are supported in JBoss, even in two
variants: with JAAS and without.
I remember that the latter is described somewhere in JBoss FAQ.
Unfortunately (that's my fault) by now there is no docs on
JAAS security in JBoss.
But this topic where discussed several times in this mailing list,
all necessary instructions and tips were given.
Please, search in jboss-user mail archive for "JAAS".
Regards,
Oleg
On Wednesday 03 January 2001 20:26, Gedanken wrote:
> I need to choose a method for authenticating and authorizing users
> for various roles within my application. What are my options with
> jBoss? I know some containers such as WebLogic have techniques
> built in to aid a developer.
>
> Off the top of my head...
>
> - wrap the whole site behind an apache webserver and authenticate
> at that level. Not sure how i will communicate the results to my
> app however.
>
> - use a servlet/ejb component to use jndi to grab the username and
> password via basic http auth then compare to our ldap directory.
>
> are there other ways that are better/more obvious to those who are
> familiar with jboss? are there massive flaws with either of those
> two above approaches?
>
> specifics or general discussion both are much appreciated. I have
> some hard choices to make in a day or two =)
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
