Return-Path: Delivered-To: apmail-xml-cocoon-dev-archive@xml.apache.org Received: (qmail 75378 invoked by uid 500); 4 Aug 2002 07:57:48 -0000 Mailing-List: contact cocoon-dev-help@xml.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: cocoon-dev@xml.apache.org Delivered-To: mailing list cocoon-dev@xml.apache.org Received: (qmail 75357 invoked from network); 4 Aug 2002 07:57:47 -0000 Message-ID: <028701c23b8c$abcf6070$0100a8c0@MAUCHI> From: "Ivelin Ivanov" To: Cc: Subject: [Q] Cocoon 2.1 Authentication framework (aka sunRise) Date: Sun, 4 Aug 2002 02:58:07 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N I have tried to read through the Auth. documentation and understand how it relates to the authentication mechanism of the J2EE specification. I see that it supports roles and session context, but do not understand if it is tied to the J2EE container's security. For example when authenticated through the container, a user principal and role are available in the ServletRequest. They are also carried over and applied to any J2EE resource like transactions, datasources, EJBs, JMS, etc. through JNDI. So, my question: Is the sunRise framework tied to the J2EE security APIs? How can my EJBs be aware of the user name and role ? -=Ivelin=- --------------------------------------------------------------------- To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org For additional commands, email: cocoon-dev-help@xml.apache.org