PARDEY Meaghan wrote:
>
> I haven't heard any reply yet...does anyone know if you can use JAAS 1.0
> (which is part of the standard extensions of JDK 1.3) with the latest
> release build of Tomcat?
You can use JAAS Authentication in TC by writing a JAAS Realm. JAAS
authorisation can also be done inside the realm. Neither TC 3 or 4, nor
in fact does the servlet API spec support the idea of multiple
principals as does JAAS. Security context propagation to other
containers, such as EJB is a problem. I have a working JAAS Realm but
not sure if it will be made public.
Rgds
--
Antony Bowesman
Teamware Group
[EMAIL PROTECTED]
tel: +358 9 5128 2562
fax: +358 9 5128 2705
