I am not sure what you are trying to do here. Your application does not need to know what roles a user has with regard to url restriction. That is what container managed authentication is for. However, the servlet spec provides for a getUserPrincipal and isUserInRole methods. Note that if you update a user account while they are logged in, the change will not take effect. This is due to the roles being cached by both Tomcat and JBoss. I believe there is WIP on a feature request to allow dynamic updates though.
later cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3946503#3946503 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3946503 ------------------------------------------------------- All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
