Hello,
I want to use container-managed security for authentication and authorization. I have read the correspondance from this group on the subject. My question is once the customer has entered the userid/password and been authenticated, how can I store the customer profile in the customer's http session? For example, the RDB realm in
Tomcat does not have access to the Http session of a given user. I want to at least be able to store some kind of id which identifies the user in the user's session.
Thanks.
Saha