I did some more reading on SASL. As I mentioned earlier, it is a challenge/response based
mechanism between the client and the server. So there will be multiple message flow
between the client and server.
In the case of EJB invocations, there is a notion of clients and servers. In the case of
web invocations, there is just server that we are dealing with.
Scott, do you think we should make an attempt at SASL? The details will be hidden behind
the Security Client implementation and server side security manager implementation.
Any feedback?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4041679#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...