Subject: Re: [ARTICLE] Using JAAS and Struts
From: "Sebastian Millies" <[EMAIL PROTECTED]>
===
You're right that there is as yet no standard and portable way of
integrating JAAS with container-based security. Different vendors
approach this problem differently. So it's either
1) select a container vendor who offers a solution and stick with it
(e.g. JBoss)
or
2) roll your own JAAS-based security, even if it means not using
much of the container-based mechanisms.
Again, I am sure that this will be addressed in a future J2EE spec.
-- Sebastian
"Phase Web and Multimedia" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]...
> This all sounds great if you are running only one app on Tomcat. I don't
see
> where it addresses having webapp level control of url mappings. It sounds
to
> me like JAAS serves well on a container level/single app level. But in a
> shared hosting environment where you need to have specific webapps with
> their own set of permissions and their own user info database/ldap/etc...
it
> wont' suffice. Am I wrong? Because if I am I need to be using this for my
> Struts apps. I saw a spec that seems to address this better (I think).
>
> Here is the link:
> Java Authorization Contract for Containers:
>
ftp://ftp.java.sun.com/pub/spec/java_authorization_contract/POqt9333BB/jacc-
> 1_0-prd-spec.pdf
>
> Brandon Goodin
> Phase Web and Multimedia
> P (406) 862-2245
> F (406) 862-0354
> [EMAIL PROTECTED]
> http://www.phase.ws
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
