But surely this is handled by the container. If the container's
implementation is not sufficient (e.g. it doesn't allow password file
validation that an app requires), should it not allow something like a JAAS
module to be plugged in? This would allow code to be written in a consistent
way (or not written at all if more fine-grained security is not required)

Walter

-----Original Message-----
From: James Ward [mailto:[EMAIL PROTECTED]]
Sent: 08 July 2002 16:45
To: Struts Users Mailing List
Subject: RE: Re: [ARTICLE] Using JAAS and Struts


Not if you want to have security on the method level of your ejb's.
JAAS is the way to go for security in distributed apps.  If you just
have a simple web app with no j2ee stuff, then sure, add a few lines to
your web.xml file.  If you have something more complex, use JAAS.

-James


> -----Original Message-----
> From: Struts Newsgroup (@Basebeans.com) [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 08, 2002 9:40 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [ARTICLE] Using JAAS and Struts
> 
> Subject: Re: [ARTICLE] Using JAAS and Struts
> From: "Vic C." <[EMAIL PROTECTED]>
>  ===
> If I may,
> he does a *lot* more than he needs and mkaes it complex. He can just
set
> up a few lines in WEB.XML and he is done.
> 
> matt_raible wrote:
> > I saw this from the Denver JUG this morning, thought some folks
> > might be interested:
> >
> > http://www.mooreds.com/jaas.html
> >
> > Downloads and code samples from:
> >
> > http://www.mooreds.com/
> >
> >
> > --
> > To unsubscribe, e-mail:   <mailto:struts-user-
> [EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:struts-user-
> [EMAIL PROTECTED]>
> >
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:struts-user-
> [EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:struts-user-
> [EMAIL PROTECTED]>


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to