Noel J. Bergman wrote:
I also see that JSecurity web support relies on a return to
application-level security based on a filter, rather than rely on container
management, which has evolved as a cornerstone of Java programming. The
reliance on a filter is probably because JSecurity is not (yet?) integrated
with the Java standards in the security space.
I've been watching this proposal because I'm very interested in
JSecurity as a whole, but I think Noel raises an interesting point
here. At least in Websphere, you can have container-managed security on
the method-level for EJBs, which doesn't have to be called form a
webapp, so a filter-based approach couldn't provide this. I'd LOVE to
be able to get rid of IBM's security subsystem and replace it with
JSecurity, but if it can't allow the same sort of thing then I can't do
that.
Is that capability, or lack thereof, a limitation inherent in the
approach JSecurity has taken, or is it just a case of a feature that is
planned for down the road?
Thanks,
Frank
--
Frank W. Zammetti
Author of "Practical DWR 2 Projects"
and "Practical JavaScript, DOM Scripting and Ajax Projects"
and "Practical Ajax Projects With Java Technology"
for info: apress.com/book/search?searchterm=zammetti&act=search
Java Web Parts - javawebparts.sourceforge.net
Supplying the wheel, so you don't have to reinvent it!
My "look ma, I have a blog too!" blog: zammetti.com/blog
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
