You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Guido García Bernardo <gg...@itdeusto.com> on 2004/03/10 21:10:56 UTC
ASP.NET and Struts: Web Application Architectures
Interesting reading...
http://msdn.microsoft.com/asp.net/using/migrating/default.aspx?pull=/library/en-us/dnaspp/html/aspnet-aspnet-j2ee-struts.asp#aspnet-aspnet-j2ee-struts_topic4
Regards.
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: ASP.NET and Struts: Web Application Architectures
Posted by James Mitchell <jm...@apache.org>.
LOL
That's a good one!!
--
James Mitchell
Software Engineer / Open Source Evangelist
EdgeTech, Inc.
678.910.8017
AIM: jmitchtx
MSN: jmitchell@apache.org
Yahoo IM:jmitchtx@yahoo.com
----- Original Message -----
From: "Christian Bollmeyer" <ja...@christianbollmeyer.de>
To: "Struts Users Mailing List" <st...@jakarta.apache.org>
Sent: Wednesday, March 10, 2004 4:02 PM
Subject: Re: ASP.NET and Struts: Web Application Architectures
On Wednesday 10 March 2004 21:10, Guido García Bernardo wrote:
> Interesting reading...
>
> http://msdn.microsoft.com/asp.net/using/migrating/default.aspx?pull=/
>library/en-us/dnaspp/html/aspnet-aspnet-j2ee-struts.asp#aspnet-aspnet-
>j2ee-struts_topic4
>
> Regards.
Yeah! Finally, the first truly unbiased comparison between both
serverside component technologies has arrived! Pity for J2EE.
I definitely want .NET now. Still, I obviously didn't completely
grok the following yet:
"Impersonation allows ASP.NET applications to execute with the identity
of the user who requested the page. Impersonation pushes authentication
and authorization out to IIS, as ASP.NET will just use the token
received from IIS whether it is authenticated or not. When
impersonating, ASP.NET relies on standard NTFS permissions on files
and folders in order to determine whether it should allow or deny access
to a particular resource."
So I can simply delegate all those nasty security issues to
the trusty IIS and have my users just safely wander about
the servers' hard drives afterwards? No wonder J2EE
falls short in terms of security. A pity they don't tell
anything about availability dates for Linux clusters,
so we may have to live on with this outdated J2EE
technology for some time. A real pity :-)
-- Chris.
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: ASP.NET and Struts: Web Application Architectures
Posted by Christian Bollmeyer <ja...@christianbollmeyer.de>.
On Wednesday 10 March 2004 21:10, Guido García Bernardo wrote:
> Interesting reading...
>
> http://msdn.microsoft.com/asp.net/using/migrating/default.aspx?pull=/
>library/en-us/dnaspp/html/aspnet-aspnet-j2ee-struts.asp#aspnet-aspnet-
>j2ee-struts_topic4
>
> Regards.
Yeah! Finally, the first truly unbiased comparison between both
serverside component technologies has arrived! Pity for J2EE.
I definitely want .NET now. Still, I obviously didn't completely
grok the following yet:
"Impersonation allows ASP.NET applications to execute with the identity
of the user who requested the page. Impersonation pushes authentication
and authorization out to IIS, as ASP.NET will just use the token
received from IIS whether it is authenticated or not. When
impersonating, ASP.NET relies on standard NTFS permissions on files
and folders in order to determine whether it should allow or deny access
to a particular resource."
So I can simply delegate all those nasty security issues to
the trusty IIS and have my users just safely wander about
the servers' hard drives afterwards? No wonder J2EE
falls short in terms of security. A pity they don't tell
anything about availability dates for Linux clusters,
so we may have to live on with this outdated J2EE
technology for some time. A real pity :-)
-- Chris.
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org