Joe - Your comment
My main issue with Container Based auth is its inability to support user-initiated login -- it only works by intercepting a request for a normal resource and then challenging for login. struck a chord with me - it's one of the reasons I've never looked at implementing CMS. How do you handle this? Roll your own? Jerry Jalenak Senior Programmer / Analyst, Web Publishing LabOne, Inc. 10101 Renner Blvd. Lenexa, KS 66219 (913) 577-1496 [EMAIL PROTECTED] -----Original Message----- From: Joe Germuska [mailto:[EMAIL PROTECTED] Sent: Thursday, January 27, 2005 9:32 AM To: Tim Christopher; Struts Users Mailing List Subject: Re: Struts Security At 10:05 AM +0000 1/27/05, Tim Christopher wrote: >Hi, > >I've never used EJB so have no idea what this means, can someone >explain please? > >"When SecurityFilter is used, a user's Principal will not >automatically be propagated to EJB calls. If this is a requirement for >your application, you may not be able to use SecurityFilter." If you don't use EJB, then it's not an issue for you, but part of the appeal of container managed security is that it makes the same java.security.Principal (representing the authenticated user) available to both the servlet and the EJB layer code. I haven't used SecurityFilter before, but it looks handy. My main issue with Container Based auth is its inability to support user-initiated login -- it only works by intercepting a request for a normal resource and then challenging for login. Joe -- Joe Germuska [EMAIL PROTECTED] http://blog.germuska.com "Narrow minds are weapons made for mass destruction" -The Ex --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This transmission (and any information attached to it) may be confidential and is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient or the person responsible for delivering the transmission to the intended recipient, be advised that you have received this transmission in error and that any use, dissemination, forwarding, printing, or copying of this information is strictly prohibited. If you have received this transmission in error, please immediately notify LabOne at the following email address: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
