Joe Gittings wrote:
>
> Thanks for that, Philippe.
>
> An obvious follow-up question (since I don't know much about J2EE
> security), is what (if anything) will be *missing* from the Jonas 2.1
> implementation of security?
I think everything will be there for EJB part of J2EE when using
Jeremie.
The initial security context must be intiated by the EJB client (servlet
or java client) after user authentification. We will provide a full
example of security context initilisation with Tomcat using Jeremie (it
will be done in similar way with Enhydra Enterprise).
What will be missing is:
- java client authentification (and security context intialisation)
- security context propagation in the case of RMI
- secure communication (i.e using SSL) but this is not required by J2EE
1.2.
--
G�rard Vandome Evidian
[EMAIL PROTECTED] phone: 33 4 76 29.75.67
http://www.objectweb.org http://www.evidian.com
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
