Originally posted by Darren Edwards:
Bear, does your solution make use of predefined roles in web.xml or is it all hand crafted?
I generally hand-craft it.
What I'm getting at is if I can't make use of the security related elements in web.xml to achieve a powerful and flexible solution, what's the point of them?
They're more than adequaate for a lot of cases. I usually just need a bit more flexibility.
Now, don't get me wrong. I'm not saying that you
shouldn't use the built-in stuff if it works for you. But I'm saying that it's certainly not wrong
not to either. If your home-grown solution is working for you, why muck with it?
Becoming familiar with the web.xml mechanisms is a worthwhile goal though as you may find it suits any future projects, or you
could find that it will better suit your current project.
[ May 13, 2006: Message edited by: Bear Bibeault ]