My (exceedingly limited) understanding of CMA was that it was very container specific. If so what approach do you recomend for an app (accessing ejbs) which customers are to run in their own container, where at development time one desnt know which container will be used?
Is it better to ditch CMA and hope for the best from a home grown solution, or to try and find the resources to write seperate versions of the app for each of the major containers? (Or tell em they can have any container so long as its Tomcat? (This would be my choice if I was dictator for life ;->)) -----Original Message----- From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 02:27 To: Struts Users Mailing List Subject: Re: Using CheckLogin tag from within tiles On Mon, 7 Oct 2002, Eddie Bush wrote: > Date: Mon, 07 Oct 2002 12:22:23 -0500 > From: Eddie Bush <[EMAIL PROTECTED]> > Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]> > To: Struts Users Mailing List <[EMAIL PROTECTED]> > Subject: Re: Using CheckLogin tag from within tiles > > Oh - one more thing. Filters really are a lot more flexible in that > they can be deployed with the application. I've heard of instances > where hosting providers wouldn't configure realms for folks (nor would > they do anything else that required a server config change) - and that > is where a Filter would become an absolute necessity! > One other thing to note about any non-CMA approach -- they don't help you much (if at all) if you are accessing EJBs from your actions. From the point of view of the EJB container, all these requests will appear to be from an unauthanticated user identity. You can establish a <run-as> identity in web.xml for these cases, but this applies to *all* EJB calls. If you want the EJB layer to be able to make role-based access decisions depending on who the logged in user is, you must use container managed security. > David Graham wrote: > > > I've never used CMA because of potential implementation differences > > across containers. Are those fears justified? I have used the Filter > > approach and found it to be easy and portable. > > > > Dave > > -- > Eddie Bush > Craig -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
