I believe that I already know the answer to this. But, if possible, it would be nice to have some confirmation.
I have an application that uses JAASRealm for authentication. Within my LoginModule class, is it possible to determine which resource the user is currently trying to access? My current interpretation of the documentation is that the authentication module simply knows who you are and what your credential (password) is. Upon successful authentication, the module returns with success/fail and the roles associated with that user. It's then up to the application itself to determine if the user's role has access to the requested resource. (this is usually declaratively stated, either through the web.xml configuration, or the struts configuration). Is my interpretation of things correct? Thanks. -- Jay Dickon Glanville --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]