You might try looking for articles on pluggable security on java.sun.com. Also try searching for pluggable security on javapro.com.
-----Original Message----- From: Phase Web and Multimedia [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 09, 2002 6:38 PM To: Struts Users Mailing List Subject: RE: Security Question getRemoteUser() or getUserPrincipal() Then... how do you set the Principal object to be something other that the username. Do you have any articles or tutorials that explain this? Brandon Goodin Phase Web and Multimedia P (406) 862-2245 F (406) 862-0354 [EMAIL PROTECTED] http://www.phase.ws -----Original Message----- From: Wellie W. Chao [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 09, 2002 4:04 PM To: Struts Users Mailing List Subject: RE: Security Question getRemoteUser() or getUserPrincipal() A Principal can be more than just username. For example, it could be driver's license number, social security number, etc.... They're alternate ways to identify the same user. Username is just that -- username. -----Original Message----- From: Phase Web and Multimedia [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 09, 2002 6:03 PM To: Struts User; Struts Dev Subject: Security Question getRemoteUser() or getUserPrincipal() Sorry all I know this isn't a struts question. But I have a security framework that will give more flexiblity to struts and tomcat(+ other containers). I am able to tie it into the container managed security. But, I need a question answered? what is the difference between getRemoteUser() and getUserPrincipal()? From what I can tell getRemoteUser() returns the username in string form and the only method in the Principal class is the getName() which returns the usersname. Why do we have both and if I am doing programmatic security checks which should I use and why? -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>