cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bart Molenkamp" <b.molenk...@bizzdesign.nl>
Subject RE: Authentication
Date Fri, 24 Sep 2004 06:42:08 GMT
Just curious, as I am trying to get authentication/authorization done
right myself...

If you only use it for authentication, then why don't you just use the
security provided by J2EE?

Bart.

> -----Original Message-----
> From: Ralph Goers [mailto:Ralph.Goers@dslextreme.com]
> Sent: Thursday, September 23, 2004 10:54 PM
> To: dev@cocoon.apache.org
> Subject: Re: Authentication
> 
> Sorry this is late. I've been on vacation.
> 
> JAAS is just a framework, it doesn't actually do any authentication of
its
> own.  The "advantage" you get with JAAS is that it supposedly allows
you
> to
> integrate it with multiple applications.  In practice this isn't so
easy.
> 
> I am using JAAS behind Cocoon's authentication framework, but I am not
> using JAAS for authorization. I found that it didn't make a lot of
> sense.  Frankly, after doing it I'm not sure the authentication part
does
> either.
> 
> Ralph
> 
> At 9/20/2004  09:03 AM, you wrote:
> >The cocoon authentication framework allows you to use an
authenticator
> >class.  Why can't you just plug JAAS into this class and have the
best of
> >both worlds?
> >
> >Regards
> >Jorg
> >
> >Jennifer Yip wrote:
> >>Sorry guys - just came out of a long meeting on Security /
> Authentication
> >>and the question raised was:
> >>Is J2EE or JAAS container managed security better than that found in
the
> >>cocoon (portal) authentication framework?
> >>Any help appreciated before this meeting continues in the morning
> >>Regards
> >>JENNY


Mime
View raw message