I would like to implement 3 tiers where:
1 tier = Web Server(IIS) and Web Container(WAS 4)
2 tier =
EJB Container(WAS 4)
3 tier = Database
What I don't understand is that how websphere pass the current authenticated user(from current jsp/servlet session) information to EJB, so that the EJB will know whether the user have permission to run the Bean.
And what happened when I replace the WAS 4 to
Tomcat as my Web Container. Can the security information pass from Tomcat to WAS 4 ???
Guys, any idea about this?