I'd also like to add a followup question: we're writing an application with a JSF-based
HTML interface. We want users & roles to be in a database.
Is there anybody here who has gone through the process of evaluating
authentication/authorization for such a system? If so, what did you decide to do, or
what would you recommend?
We're aware of a PhaseListener approach, and we're going to try that next if we can't
get JDBCRealm to behave.
http://jdj.sys-con.com/read/250254_2.htm
(I'm really shocked that there seems to be no single, clear path for this.)
[Message sent by forum member 'pohl' (pohl)]
http://forums.java.net/jive/thread.jspa?messageID=202555