I'm interfacing a servlet-based front end to an EJB back end (isn't everybody?) using tomcat + jboss. My issue is that I need to authenticate using my EJB security bean, but I want to associate the resulting subject with the users session in tomcat (as if I had performed container authentication). Are custom realms the ONLY way to do this (ugh)? Is there any way to cache the subject in the session, and just somehow associate it with the thread's security context (sounds like this would be easier) when processing? I haven't found any good docs on writing a custom realm, has anyone written any?
Any help/pointers/solutions will be appreciated. Thanks -Jason -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
