Thanks for your response. Please see inline >Create a view that does.
Views are an interesting possibility. However, something like MySQL for example, doesn't support views. If I was controlling the access to this functionality in the application then this wouldn't be a problem as I would be able to "fake" a view in the case someone is running MySQL. >>I would also >> like to keep the application as portable as possible across containers. >> >It has to be, with any J2EE based container, which I think is all of them. >From what I have gathered, not every container supports the JDBC Realm concept. Resin for example has this sort of concept and it seems to be a bit more flexible then Tomcat's because you can specify an actual query in the xml configuration file. This sort of functionality is pretty much non standard, with the exception of what is in the Servlet specification which all containers use. However, storing user information and roles in an XML file is most often not appropriate. I know that other containers, WebSphere for example, has an interface which you can create for custom authentication sources. >Not standard. Look at action - mapping, which uses CMA. >Like you said, just do is_user_in role in action, KISS and then extend. >hth, >.V Agreed. This is what I would like to do. Having actions mapped to security roles. I'm just not sure that it will be possible and remain portable. Thanks again, John This communication is intended for the use of the individual(s) or entity it was addressed to and may contain confidential and/or privileged information. If the reader of this transmission is not the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited. If you receive this communication in error, please notify the sender immediately and delete this communication from your system(s) to which it was sent and/or replicated to. (c) 2002 Sapiens Americas Corp. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
