Most vendors include security functions in their management consoles.
Consequently, you can change the permissions of a role on the fly so
trolling through a DD won't necessarily tell you the current permissions
of a role (not to mention the fact that the Deployer may have mapped the
roles in the DD to local roles). It's up to the vendor to provide
functions for viewing the current permissions of a role and any other
security information you might be interested in.
Kevin
Chuck Zheng wrote:
>
> Hello,
>
> Since we scatter ACLs into every bean's deployment descriptors
> (AccessControlEntry). As a Security Administrator, how do I see
> which EJBean can a particular role access (without trolling through
> all those DDs).
>
> If I write a custom realm, what should I do with AccessControlEntry
> in DDs?
>
> cheers
> chuck
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
