This would be very useful, as webapps often have to perform actions beyond what J2EE APIs provide (get all users in group, get all groups, add users/groups/membership). The advantages would be twofold: you would only have to configure your user store once in server.xml; and if you change between XML, JDBC or LDAP user stores at the server level, you don't have to touch your application-level configuration.
Or am I misreading the whole purpose of J2EE container authentication? Should J2EE authentication be reserved for server administration-level applications like the manager, and should we use a different system for application-level access and authentication altogether?
-- Bill Schneider Software Architect
Vecna Technologies, Inc. 5004 Lehigh Road, Suite B College Park, MD 20740 [EMAIL PROTECTED] t: 301-864-7594 f: 301-699-3180
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]