This content has been marked as final.
Show 1 reply
-
1. Re: JAAS Login Module and User Principal best practices
starksm64 Dec 21, 2005 11:04 AM (in response to mrforms)The Subject is the more general representation of the authenticated user, but different j2ee layers use different representations. There is no guarentee that you can control the prinipcal available from the ejb/web tiers. You do have more control over the Subject, but really authentication is not standardized in terms of how you do this either. Whatever works currently is the bottom line. When jsr196 is included this should be standardized.