I am not sure whether this is an EJB standard thing or not, but
<vendor>
In GemStone/J one can establish an "Application ACL" with each account.
A configuration utility would provision these ACL's. The provisioning of
the ACL's would be restricted to the administrator.
The account bean could check (via the ACL) that the current principal has
permission to perform a given operation...
The API's are based on Java standard security API's. The application
ACL notion is a GemStone thing at this time.
</vendor>
-Chris.
> -----Original Message-----
> From: Richard Monson-Haefel [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, May 25, 1999 2:18 PM
> To: [EMAIL PROTECTED]
> Subject: Instance level authorization
>
> I was disappointed to see that instance level authorization is not covered
> in EJB 1.1.
>
> It would be nice if specific principles in the operational environment
> could
> be given permissions on specific entity primary keys. An administrator
> would do this.
>
> How, for example, does an EJB system allow "Jill Jones" to access account
> records 1, 33, 77, 199 but not any other accounts? What if the list of
> accounts accessible by Jill and other users changes daily?
>
> ==========================================================================
> =
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
