EJB design: JAAS & EJB

  1. JAAS & EJB (2 messages)

    Does anyone have any examples how the Java Authentication
    and Authorisation Service would work with servlets or EJBs?

    I cannot work out how exactly to get the CallbackHandler passing information from the EJB or servlet.

    Or am I barking up the wrong tree with JAAS and should I be looking at something else to authenticate my users?


    Threaded Messages (2)

  2. JAAS & EJB[ Go to top ]

    You can use JAAS to authenticate and authorise any request to the App. Server. The problem is that not a single App. Server has implemented authorization part of JAAS. Weblogic 6.0 implements authentication. The way JAAS brings in pluggable login modules, its quite a clean security architecture.
  3. JAAS & EJB[ Go to top ]

    OK thanks, I'll have a look at WebLogic6. Guess we'll have to wait a bit before this becomes implemented in the major app servers.