> SG wrote:
>
> I have a question in terms of how JOnAS keeps the ID and Context of
> the Client associated with the client in situations like:
> 1. User is at a web page and logs in.
> a. This alos authenticates them with JOnAS in this example
> 2. The user goes to a page which hits a bean in JOnAS
> a. That bean has permissions set on a method that is being called
>
> Does the JSp server (tomcat for example) have to resubmit the
> credentials, etc on every call to the EJB server? Or can JOnAS somehow
> keep track that even though it cuts out and goes back to the web
> browser, that this is the same user?
>
> The same questions apply for the same above scenario but with a Java
> App as a client. They make a call, and it returns to their app, at
> which point the user can do something and then make a call again. Does
> their app need to keep the login info ready for every call?
>
> Robert
Hi,
the role of JOnAS runtime on the client side is only to associate a
current thread
with a security context and to propagate it (if needed) with
the with the call to the JOnAS server.
You can see how is made the thread association in the
SecurityCtxInterceptor3x
for Tomcat for example.The prpagation treatment is made at the stub
level.
regards
--
Philippe
Philippe Coq Evidian Phone: (33) 04 76 29 78 49
Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
Download our EJBServer at http://www.objectweb.org
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
