[jboss-user] [Security & JAAS/JBoss] - Re: Programmatic Authentication in JBoss?
do-not-reply at jboss.com
Tue Feb 6 15:55:09 EST 2007
After a lot of time spent on this, the issue seems to be Tomcat (or arguably the Servlet specification) more than JBoss. A variant on the JassLoginFilter in the How-To works fine for accessing JBoss resources. Also as mentioned in the FAQ, #21. But there seems to be no straightforward way to log in to the Tomcat container programmatically, it is necessary to use web.xml and j_security_check etc. From what I can see online I'm not alone in my desire to find another way.
It is very nice that WebLogic and Sun provide convenience classes for this purpose. I can see though that doing this is arguably outside the scope of the application server.
At this point, I'm just going to use EJB/POJO security as provided by JBoss, and ignore things like Struts role-based security. Maybe the servlet spec will have this someday. :-)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012142#4012142
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4012142
More information about the jboss-user