Also see this article: http://www.javaworld.com/javaworld/jw-07-2004/jw-0726-security.html
J2EE security: Container versus custom Choose the appropriate type of security for your application Summary This article covers the factors to consider when choosing between custom security and J2EE standard security, also known as container security. It briefly covers how each type of security works and then illustrates their differences, strengths, and weaknesses. Although J2EE security itself applies to all components of an enterprise application, this discussion's main focus is Web application security or, more specifically, authentication. (6,000 words; July 26, 2004) ------------------------------------------------------------------------------ Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates (which may be known outside the United States as Merck Frosst, Merck Sharp & Dohme or MSD and in Japan, as Banyu) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. ------------------------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]