-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dirk,
On 5/24/12 4:51 PM, dirk ooms wrote: > changing a user object in the session is something i already did. I misspoke: SF stores the /user principal/ in the session. When you change that, the identity of the current user (roles and all) changes. Note that this is *not* container-managed security. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk++21oACgkQ9CaO5/Lv0PAd7ACff4eeBaBZVryXqmG3/Shj62hJ /hIAn3thz6husf/WnbJ4HYwCxNW+J82J =mWc5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
