a very lightly considered option: obfuscation. if the "client" cannot see
(or find) EJBB, it's as good as not being there. of course you give the
"key" to EJBA so it can find the treasure.
> -----Original Message-----
> From: Sean C Sullivan [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, May 21, 1999 1:03 PM
> To: [EMAIL PROTECTED]
> Subject: Deny remote clients access to Entity bean methods
>
> I've got two EJB's:
>
> EJBA - a stateful session bean
> EJBB - an Entity bean
>
> I implemented home and remote interfaces for both beans.
>
> I want to setup the following:
> 1) allow remote clients to call methods on EJBA
> 2) deny remote clients access to methods on EJBB
> 3) allow EJBA to call methods on EJBB
>
> #1 is easy to do.
>
> I'm looking for the best way to satisfy requirements #2 and #3.
>
> Thoughts?
>
> -Sean
>
> ==========================================================================
> =
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
