[jboss-user] [Security & JAAS/JBoss] - Re: Programmatic Authentication in JBoss?

eschulma do-not-reply at jboss.com
Tue Feb 6 15:55:09 EST 2007

After a lot of time spent on this, the issue seems to be Tomcat (or arguably the Servlet specification) more than JBoss.   A variant on the JassLoginFilter in the How-To works fine for accessing JBoss resources.  Also as mentioned in the FAQ, #21.  But there seems to be no straightforward way to log in to the Tomcat container programmatically, it is necessary to use web.xml and j_security_check etc.  From what I can see online I'm not alone in my desire to find another way.

It is very nice that WebLogic and Sun provide convenience classes for this purpose.  I can see though that doing this is arguably outside the scope of the application server.

At this point, I'm just going to use EJB/POJO security as provided by JBoss, and ignore things like Struts role-based security.  Maybe the servlet spec will have this someday.  :-)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012142#4012142

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4012142

More information about the jboss-user mailing list