Hi there Rob,
we had a similiar problem when designing our clients.
i.e. We wanted to restrict access to which modules (entities) a
user could access in a tree structure. We followed a number of
Access Restriction patterns included in the document
'Architectural Patterns for Enabling Application Security' by
Yoder and Barclow and implemented them using Java 1.1 security.
It escapes me the site where we actually downloaded it but I
have forwarded you a copy directly.
Regards
Duncan Alexander
-----Original Message-----
From: Masters.Robert [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 08, 1999 12:41 AM
To: [EMAIL PROTECTED]
Subject: [EJB-INT] Client side Access Controls
Hi all,
I'm looking at implementing some form of access controls in the client
of my
EJB based application. basically I want to restrict access to certain
parts
of the application depending on who the user is. I have looked into the
jdk1.2 security model and this seems approriate. However, ny backend EJB
server is running JDK117b. Is this a dangerous proposition? and how/what
ways are access controls normally achieved within a java application?
I'm currently using weblogic and have found the acl's for protecting
server
side objects relatively usefull, my other option is to try and extend
this
to the client. But being jdk1.1 based the weblogic stuff uses the 1.1
security model :(
any suggestions/comments appreciated.
Regards
Rob Masters
========================================================================
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
