Hiya,
I've run into a small snag while designing one of my applications
and I'm hoping someone has a clever idea. I'm running JRun 3.1
on W2K/IIS 5.0.
I have two web sites defined on IIS. One of them is on port 80;
the other is on port 8888. Both web sites access the same JRun
server because I want them to easily share static objects, such
as caches.
While I would like the two ports to be able to share static
objects, I would also like to define their security differently.
On port 80, I want users to be able to access any application on
the JRun server, and on port 8888, I want users to be restricted
to a specific set of applications.
Developing Applications with JRun on page 228 states:
Finally, application security is determined at the JRun server
level. If two applications require different security management
systems, you should put them in separate JRun servers.
------------------
Does anyone know if this is a hard and fast rule? Is the only
option to write a servlet filter that would authenticate each
request coming into JRun based on the server port number? Is it
possible to configure the JRun connection filter or set some sort
of option in IIS so that only certain URL requests will be passed
through to the JRun server?
I know it is possible to easily set up two separate JRun servers
that would allow me to segment off the web applications, but then
I cannot share data as easily between the web applications.
Clearly, another option is to create EJBs for my caches, but I'd
prefer not to use that route right now. I am set on using
W2K/IIS; Apache is not an option.
Thanks,
Sam
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
