Quoting Mukul Joshi <[EMAIL PROTECTED]>: > Hi > > Has anyone used j_security_check in Jboss 3.0 with > Tomcat. > > If yes, is the user authenticated with the custom > login module in JBoss. > Yes, JBoss plugs in his own realm into tomcat, so that the same security manager used in JBoss framework is used in the tomcat web container also.
> Also is the authenticated user then associated with > the Session. Yes ofcourse, you can also get the principal object using the getUserPrincipal API. > And is the authenticated user associated > with the execution thread so that the method > permissions work seamlessly on the EJB side and the > user can also be identified in the EJB. > If you are worried about the security(principal) being passed across, then: All the containers have a implicit rule of passing on the principal object when communication goes from one container to another. i.e. for example webcontainer to EJB container. So you will not have any problem. > Is there any special setting to make j_security_check > work thus. > NOPE!!! no need. > Many Thanks > > Mukul > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > ------------------------------------------------- Sify Mail - now with Anti-virus protection powered by Trend Micro, USA. Know more at http://mail.sify.com Take the shortest route to success! Click here to know how http://education.sify.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
