Hi!
> A more flexible option is to use securityfilter
> (http://securityfilter.sourceforge.net) to handle everything.
>
If you are already using spring have a look at ACEGI.
It is not really easy to install, but allows you to e.g. have different
login methods within the same webapp.
Regarding the principal. Remember, you can always use reflection to
break into an object (given you use no securitymanager or a liberal
configured one).
For example, I used for a while:
try
{
Method hasRoleMeth =
principal.getClass().getMethod("hasRole", String.class);
return (Boolean) hasRoleMeth.invoke(principal, role);
}
catch (NoSuchMethodException e)
{
log.error(e.getLocalizedMessage(), e);
}
catch (IllegalAccessException e)
{
log.error(e.getLocalizedMessage(), e);
}
catch (InvocationTargetException e)
{
log.error(e.getLocalizedMessage(), e);
}
Ciao,
Mario
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
