Advantage of JAAS is that it deeply integrated into JEE. EJB3 allows you to have method access security, Seam gives you isUserInRole, userPrincipal components, Tomahawk gives you attributes to disable/hide the JSF component and probably some more which I'm unaware of :). The one thing I haven't seen is a nice way of authenticating using a Seam component.
It is a bit difficult getting JAAS set up, but once all the xml files are correct it does 'just work'; there is a security example on the wiki which should get you going (be careful to put all the xml files in the correct archive and in the correct place (META-INF or archive root)). View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3965988#3965988 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3965988 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
