LOL That's a good one!!
-- James Mitchell Software Engineer / Open Source Evangelist EdgeTech, Inc. 678.910.8017 AIM: jmitchtx MSN: [EMAIL PROTECTED] Yahoo IM:[EMAIL PROTECTED] ----- Original Message ----- From: "Christian Bollmeyer" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Wednesday, March 10, 2004 4:02 PM Subject: Re: ASP.NET and Struts: Web Application Architectures On Wednesday 10 March 2004 21:10, Guido García Bernardo wrote: > Interesting reading... > > http://msdn.microsoft.com/asp.net/using/migrating/default.aspx?pull=/ >library/en-us/dnaspp/html/aspnet-aspnet-j2ee-struts.asp#aspnet-aspnet- >j2ee-struts_topic4 > > Regards. Yeah! Finally, the first truly unbiased comparison between both serverside component technologies has arrived! Pity for J2EE. I definitely want .NET now. Still, I obviously didn't completely grok the following yet: "Impersonation allows ASP.NET applications to execute with the identity of the user who requested the page. Impersonation pushes authentication and authorization out to IIS, as ASP.NET will just use the token received from IIS whether it is authenticated or not. When impersonating, ASP.NET relies on standard NTFS permissions on files and folders in order to determine whether it should allow or deny access to a particular resource." So I can simply delegate all those nasty security issues to the trusty IIS and have my users just safely wander about the servers' hard drives afterwards? No wonder J2EE falls short in terms of security. A pity they don't tell anything about availability dates for Linux clusters, so we may have to live on with this outdated J2EE technology for some time. A real pity :-) -- Chris. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
