Hi, Peter
No, I did not arrive at a solution. OTOH, we stopped using application
clients in production...didn't really need them.
I'm not convinced it doesn't work, it's just we didn't need to solve that
problem that badly.
Regards,
Arved
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Peter
Pontbriand
Sent: Monday, February 19, 2001 1:39 PM
To: Orion-Interest
Subject: Re: Application Client Security
Arved - or anybody - have you found a solution to this problem? Our
application uses DataSourceUserManager and accessing it from servlets works
reasonable well so far. However, when accessing it from an
application-client any credentials not declared in the principals.xml file
are rejected. Even worse, when a datasource user is defined with the same
login name, even credentials that are in principals.xml get rejected.
How does one use applications-clients to access applications that use
DataSourceUserManager?
P. Pontbriand
Canlink Interactive Technologies Inc.
----- Original Message -----
From: "Arved Sandstrom" <[EMAIL PROTECTED]>
To: "Orion-Interest" <[EMAIL PROTECTED]>
Sent: Wed, 13 Sep 2000 10:08:19 -0700
Subject: Application Client Security
> Hi, all
> I sort of asked about this before. Still haven't come up with a
> solution. A simple Yes or No as to feasibility would be helpful.
>
> In a nutshell, I switched over to a DataSourceUserManager
> plus the RoleManager. No real difficulty with EJB's, but
> using Orion API's for user management knocked an
> application-client out of the loop. No users, whether
> declared in the principals.xml or in the user database, are
> recognized anymore. I've tried all the obvious permutations,
> and am sort of at wits' end as to whether I can even use
> J2EE application clients once a user manager is in the picture.
>
> Any ideas?
>
> Arved Sandstrom
