Why not use J2EE security?
-----Original Message-----
From: Carlos Otero Barros [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 31, 2001 8:31 AM
To: [EMAIL PROTECTED]
Subject: Is LoginServlet bad practice?
Hi All!
Recently I have been envolved in a discussion about the convenience of
encapsulating login process in a separate servlet. Namely LoginServlet.
My opinion is this is a bad practice from a security point of view.
Internal personel could substitute the LoginServlet with any other
simple servlet with the same methods() and take the whole web site
unsecured.
Your opinion?
Thanks
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
