This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

What is the authenticated entity in a web app?

Chulwoo Choi
Ranch Hand
Posts: 65
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

This is a rudimentary question but I�m not sure what the authenticated entity is in a web app. Is it the session or the object in which JAAS authentication occurred??

For example, consider a user who wants to access a secured EJB though a web application. A user would login in the JSF login page and the backing bean will authenticate the user using the JAAS API.
In this case, is the user considered authenticated as long as the session is alive?? Or is it only the backing bean object that can access the secured area??

Thanks for help in advance.
I agree. Here's the link:
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic