Hi All, 1. Is there are way to enfore security in orion using web.xml but use a database for user instead of principals.xml. The problem with principals.xml file is obvious that it is a plain text data not a place for putting passwords. 2. How is the EJBUser, DatasourceUser linked to web.xml based security access. My limited understanding playing with Orion is that there seems to be no connection at all. RoleManager Or UserManager returns java.security.User based class which is not ( or rather cannot be in case of EJBUser) implemented by these classes? Has anyone used web.xml based security at all for any serious application in orion? - thanks Krishnan
