Okay, I've seen such applications, including that on JBoss.org. When you initially arrive at the site, you are 'guest' which means you have been given a session, but have not authenticated. Then you can 'login' and then see other features of the application that weren't there when you weren't logged in. I'm guessing that none of this is done with J2EE and JAAS base authentication. This is simple session based stuff instead.
I'm just wondering if J2EE security can be used to get the same effect in JBoss, or not. -Neal On December 11, 2003 11:12 am, Scott M Stark wrote: > Its not likely the j2ee declarative security fits here as there > is no notion of reauthentication, and frankly, I don't know what > it means here either. You would have to describe the user case in > more detail. ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user