I have small ideological problem :) I have login form in my
application. So, each user has his own login and password. As
serverside is used LCDS with secured destinations.
And here are two possible approaches:
1) I use server side auth. mechanism (Tomcat realm) to check
users credentials. I have custom auth. class, which check user
credentials. This works, but, i have some problems in logout
2) Second way is this. I have only one user (which is
hardcoded in app). This user is authenticated to server at the
start (setCredentials() ). I need this, because all destinations
are secured. And real user is verified against the services that
will bring the information that user is verified.
So, i don't know which approach is better. Now, using the
What do You think about this ? Which way is the best ?