This week's giveaway is in the EJB and other Java EE Technologies forum. We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line! See this thread for details.
Consider this scenario. User logs into site A which authenticates the user. From site A there is a link to Site B clicking on which site A passes the credentials to B. Site B is a struts application running on websphere 5.0. It needs to get the entitlements for the user from an XML file. If my scope starts only from Site B, and i need to take care only of the authorization how do i do so?Also Single Sign On needs to be incorporated between both the applications. 1. Do i use JAAS? If i use JAAS, can i use it only for authorization without using it for authentication. As far as i know, i don't think this is possible. If i am right is there an alternative in JAAS? 2. Is there a way by which i can use WAS Security? Which is the best way to go about implementing this? Thanks, Priya