|
I have a question in terms of how JOnAS keeps the
ID and Context of the Client associated with the client in situations
like:
1. User is at a web page and logs in.
a. This alos authenticates them
with JOnAS in this example
2. The user goes to a page which hits a bean in
JOnAS
a. That bean has permissions set
on a method that is being called
Does the JSp server (tomcat for example) have to
resubmit the credentials, etc on every call to the EJB server? Or can JOnAS
somehow keep track that even though it cuts out and goes back to the web
browser, that this is the same user?
The same questions apply for the same above
scenario but with a Java App as a client. They make a call, and it returns to
their app, at which point the user can do something and then make a call again.
Does their app need to keep the login info ready for every call?
Robert
|
