tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Owens <>
Subject Security Propagation
Date Fri, 05 Apr 2002 09:28:28 GMT
I'm interfacing a servlet-based front end to an EJB back end (isn't 
everybody?) using tomcat + jboss. My issue is that I need to 
authenticate using my EJB security bean, but I want to associate the 
resulting subject with the users session in tomcat (as if I had 
performed container authentication). Are custom realms the ONLY way to 
do this (ugh)? Is there any way to cache the subject in the session, and 
just somehow associate it with the thread's security context (sounds 
like this would be easier) when processing? I haven't found any good 
docs on writing a custom realm, has anyone written any?

Any help/pointers/solutions will be appreciated. Thanks


To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message