My understanding is JAAS is very easy to implement for the Web Application, as the Web Container takes care of maintaining the 'Subject' for each call to App Container. JAAS Loginmodule will query the DB to get check the username/password and set the 'Subject'.
But my questions are - As Swing App is a separate client,
1. How will this Swing Client access the JAAS Authentication provider which is sitting in App Server? (by jndi lookup???)
2. How will it get the validated Subject back from the JAAS Authenticator?
OR
Should be we have to have some SignOnEJB which does JAAS Login and returns the validated Subject?
public class SignOnEJB{
public Subject login(
String Username, String password){
}
}
Thanks
[ June 24, 2006: Message edited by: Johnty Rhodes ]