this is my second post in this great community and my second question. I wrote a small web portal application and currently I'm using my own security layer.
I want to switch to the JBossSX security framework and have some questions which I couldn't answer myself using google and the JBoss Documentation.
- Can I secure single servlets with roles by only touching the web.xml and leaving the class's code as it is? - When I have two different .war applications running on one single server (is that even possible?), is it possible to get the users roles out of the same session of both applications?