Can the web service be put in a separate web module?
I'd try that. both would share the smae p2r mapping, and realm, but I think this would allow them to be configured with different auth-mechanism (or diffferent jsr 196 SAM for that matter).
if not, then I would say that we don't have a simple way to support 2 auth mechanisms within one web module, since Servlet expects that there be one auth-mechanims per module. using jsr 196, someone could develop and configure a SAM that was basically a composit auth mechanism. This would be feasible given that the SAM could know when to retrun each of the types of challenges.
please let us know if the separate module approach is feasible.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]
http://forums.java.net/jive/thread.jspa?messageID=336040