Sudhir, Are you deploying your webapp outside of WebLogic? The answer to your question really depends on the web container you are using. For example, I don't *think* there is any 'production' ready support for a JAAS Realm in Tomcat. If you are deploying to the WebLogic web container, then RTFM the WebLogic security docs. They are pretty good. JAAS is an integral part of J2EE and is provided by the container ( I don't think WL 6.x provides *authorization* with their JAAS implementation, however - only authentication ). If you are using/can use container security, there should be no need to write your own LoginContext and callback handler, AFAIK. Also, if you are using container ("declarative") security, if your security requirements are simple enough, you won't have to write ANY code. That's the idea behind JAAS being in the J2EE spec.
BTW - your JAAS config file is located by using: -Djava.security.auth.login.config=file://path/to/a/config/file on the command line. HTH, Mike -----Original Message----- From: Sudhir S. Shetty [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 7:20 AM To: Struts Users Mailing List Subject: Help needing regarding implementing JAAS for a Web application Hello Everyone, I need your help regarding Implementing JAAS for a web app based on Struts, I have made a class which instantiates the Login context, and has an inner class callback handler(for receiving the user name and password). But I get an error when the login context is instantaiated , that the Config file cant be found. Could anyone please send me some code which depicts clearly how JAAS can be implemented in a Web app (my application server is Weblogic). I need it urgently as I have a deadline to meet. Thanks in advance, regards, Sudhir -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>