Thanks for the answer Tomas. Well I tried to look it all up running google queries all over the place... hmm... What I wanted was:
#1 login #2 call methods #3 logout so the natural way seemd to use the JAAS login when the user arrivs and logging him out once he goes. The thing i wanted to implements was some soft-user-tracking. so the user has no password and is idientified by his id (stored in a cookie) only. I know I have to watch out for buggy browser and XSS. But this is supposed to not be implemented on any *harmful* cases anyway. Thanks for the answer I'll look into the BASIC and FORM base auth. It whould be nice though if you could elaborate on that ClientLoginModule part a bit or hint me to a thread I did not find. kindest regards, Moritz Angermann View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3887783#3887783 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3887783 ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user