The Subject is the more general representation of the authenticated user, but different j2ee layers use different representations. There is no guarentee that you can control the prinipcal available from the ejb/web tiers. You do have more control over the Subject, but really authentication is not standardized in terms of how you do this either. Whatever works currently is the bottom line. When jsr196 is included this should be standardized.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3913802#3913802 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3913802 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user