aspose file tools
The moose likes JBoss and the fly likes Rudimentary question about JAAS authenticated entity Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Products » JBoss
Reply Bookmark "Rudimentary question about JAAS authenticated entity" Watch "Rudimentary question about JAAS authenticated entity" New topic
Author

Rudimentary question about JAAS authenticated entity

Chulwoo Choi
Ranch Hand

Joined: Apr 11, 2005
Posts: 65
posted private message
0
Quote
Hello,

I�m not sure what the authenticated entity is in a web app. Is it the session or the object in which JAAS authentication occurred??

For example, consider a user who wants to access a secured EJB though a web application. A user would login in the JSF login page and the backing bean will authenticate the user using the JAAS API.
In this case, is the user considered authenticated as long as the session is alive?? Or is it only the backing bean object that can access the secured area??

Thanks for help in advance.
Chulwoo
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Rudimentary question about JAAS authenticated entity
 
Similar Threads
SessionTimeOut Handler with Ajax
General advice on login/authentication/ldap
JSF Login problem
What is the authenticated entity in a web app?
Retrieving Authenticated JAAS Subject