Craig McClanahan wrote the following on 7/16/2005 1:03 AM:
For maximum positive benefit to the world, please cc your responses both here
Asked someone on our team (not on the Struts list) who handles the authentication stuff for our applications and he came up with:
----------------------------------------------------------------- Here's my Servlet API wishlist for authentication: * Standard support for custom authenticators: To integrate with SiteMinder, currently we use Tomcat's custom authenticator support which is a bit of a "hack" (applying the nicest possible term). * Standard way of accessing permission groups beyond "Roles": We have a custom JAAS login module to load account and access information from various sources. Currently to access data beyond the "Roles" group we have to make a separate call after the user logs in because there is no standard way of accessing other permission groups. * +1 on self-registration and "remember me" Beyond authentication: * Async NIO support * Standard FTPServlet * Apache-style rewrite rules ------------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
