> Of course, the J2EE needs to standardize on context propagation to get
> container-container integration. Since the container-container
integration
> is done through RMI/IIOP the context propagation of J2EE should use the
> standards of the CORBA-world.
>
oh come on ... there is NO standard in the Corba world for secure
association
(sending the privilege attributes across the wire). Its far too complex,
they have
had many trys at this and failed.
> > In summary, let's say JAAS can be used for authentication when
> > implemeting J2EE Java-Clients.
>
> I believe that the most important feature JAAS has that J2EE doesn't is
> flexibility of authentication. I don't believe that it is always up to
the
> container to decide.
>
> > So if you see any other integration point between EJB(J2EE) and JAAS,
or
> > someting wrong in that countered above, let me know your opinion.
> >
> > Thanks.
Have you read the RMI Security Extension draft ?
> > --
> > Francis Pouatcha
> >
> > MATHEMA Software GmbH
> > http://www.mathema.de
> >
Thanks,
Anthony Nadalin
_______________________________
mailto:[EMAIL PROTECTED]
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
