>>
while browsing through the cocoon docs, i realised, that
cocoon offers an authentication mechanism on it's own.
Since i'm developing webapplications using tomcat i
naturally use the authentication Realms provided by tomcat.
But when i want to use cocoon on top of tomcat, what shall i do:
Either drop the cocoon authentication in favour of the
tomcat auth. or vice versa ?
<<
That basically depends on what you want to achieve. The Cocoon authentication mechanism will allow you to "protect" individual pipelines or groups of pipelines (read: application). The Cocoon authentication mechanism is completely based on Cocoon pipelines and the default version authenticates against files. But you can extend (or change) the authentication pipeline so that say a database is used (or LDAP) or whatever system happens to be there.
The Cocoon authentication framework also contains simple browser based tools that you can then use to administrate the user database (_should you need them_).
So the real advantage is the tight integration in Cocoon and the flexibility.
Hope this helps for starts
Matthew Langham
S&N AG
