It seems that it really depends on how the container implement this since
the spec is not very clear about this issue.
If the container's security manager enforce this restriction, then I wonder
if any of the core java classes do use read/write static field and/or use
threads etc. If they do that will means that EJBs cannot use these core
classes.
Otherwise if the container does not enforce this, then, I agree with
Emmanuel that this breaks the purpose of the spec. You can have classes
called by the EJB that could open up security holes.
Czarina.
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
