I've thought about authentication and authorization. It seems you can usually protect the system using authentication module for the existing application (e.g. JAAS, ACEGI). But, if you are developing a highly sensitive system, you may want to add an additional layer of security. With the additional layer, if someone can connect to the system and has processId's (highly unlikely), you can prevent the system from unauthorized activity.
In general, it seems you don't need the authentication and authorization that comes with jbpm. My 2 cents. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933816#3933816 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933816 ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
