Hi,The most important consideration is that EJBs are going to work *only* if you are using real container-managed security ... not some simulation like that provided by SecurityFilter. Nothing in the EJB tier is going to recognize your "users" as being actually authenticated.
I am developing an EJB/Struts J2EE application. Up to now I have dealt with the design of the customer web application
side and I came to the admin area - the back office web application part. I should also point out that I am using the securityFilter filter for
authentication.
My question is what is recommended as for the admin web app? Should I
use only one single Web module that
Manages both customer and admin (back-office) tasks? And if so, how do I
enforce authentication rules in terms of URL structure?
Or, should I have two separated Web modules (contexts) - one for the Customer app, and the other for the Admin app?
I also saw something about Struts modules, is it related?
Thanks in advance,
- Erez
Craig McClanahan
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
