Thanks for the comments. I realized after I posted the message that clients
with user-managed transactions could still access the entity beans. I guess
I'm less concerned (for now) about enforcing access to entity beans. Right
now, I'm more interested in getting feedback from the group as to whether or
not setting TX_REQUIRED for service-level SSBs and setting TX_MANDATORY for
domain-level EBs makes sense in the general case, within the context of a
FoodSmart-style layered architecture.
KurtC
-----Original Message-----
From: Chris Raber [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 18, 2000 6:38 PM
To: [EMAIL PROTECTED]
Subject: Re: TX attribute question
Kurt,
Well, a client could still start a transaction and then call an entity bean,
so this doesn't absolutely keep the architecture enforced.
In EJB 1.0 you could use the "Run As" feature to force the Session Bean to
take on a certain security principal. The entity beans could then be fenced
with an ACL that only allows that "system" principal. The problem with this
is that you lose who the real principal/roles are, and so role based
security is then foobar. It meets your architectural requirement, but
probaby does not meet your user security requirements.
I can't think of a spec hook to force this organization.
How about establishing best practices and standards for your prject, and
performing team code reviews to enforce? It's a good idea anyway. This is
just another thing to check for.
Regards,
-Chris.
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
