Hi,
Me again !
I have been tasked with designing and implementing the security architecture for an enterprise level application. We want a single logon for authentication. Users and groups should be able to be managed from within the application ideally by an administrator. Oracle is our preferred back end.
The J2EE blueprints doc is pretty good at telling you how authentication info can be accessed from within various components and how this info is propagated around but the information on actually DOING the authentication is slim.
I looked at the Jboss docs - and the sum total of info in there is "Users can be stored in a database".
Has anyone attempted this kind of thing before and can you point me in the direction of any available info ?
Sorry is this is a little fluffy for a technical list - but I'm trying my best to swim in the deep end - been quite a while since I did code ;-)
Graeme Wilson
