Hi, Peter
No, I did not arrive at a solution. OTOH, we stopped using application
clients in production...didn't really need them.
I'm not convinced it doesn't work, it's just we didn't need to solve that
problem that badly.
Regards,
Arved
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Peter
Pontbriand
Sent: Monday, February 19, 2001 1:39 PM
To: Orion-Interest
Subject: Re: Application Client Security
Arved - or anybody - have you found a solution to this problem? Our
application uses DataSourceUserManager and accessing it from servlets works
reasonable well so far. However, when accessing it from an
application-client any credentials not declared in the principals.xml file
are rejected. Even worse, when a datasource user is defined with the same
login name, even credentials that are in principals.xml get rejected.
How does one use applications-clients to access applications that use
DataSourceUserManager?
P. Pontbriand
Canlink Interactive Technologies Inc.
- Original Message -
From: "Arved Sandstrom" [EMAIL PROTECTED]
To: "Orion-Interest" [EMAIL PROTECTED]
Sent: Wed, 13 Sep 2000 10:08:19 -0700
Subject: Application Client Security
Hi, all
I sort of asked about this before. Still haven't come up with a
solution. A simple Yes or No as to feasibility would be helpful.
In a nutshell, I switched over to a DataSourceUserManager
plus the RoleManager. No real difficulty with EJB's, but
using Orion API's for user management knocked an
application-client out of the loop. No users, whether
declared in the principals.xml or in the user database, are
recognized anymore. I've tried all the obvious permutations,
and am sort of at wits' end as to whether I can even use
J2EE application clients once a user manager is in the picture.
Any ideas?
Arved Sandstrom
