i am just migrating from jboss 2.4.10/tomcat to jboss3.0.7/jetty. in the old jboss/tomcat-bundle there was a tomcat-request-interceptor which forwarded authentication from tomcat to jboss.
is there equivalent functionality available in jboss3/jetty, or do i have to authenticate "by hand"?
the configuration in the old jboss/tomcat was in tomcats server.xml and looked like:
the security context is propagated between the web-tier and ejb-tier automatically as long as you're running an embedded servlet container