May Charles N wrote:
> This singleton is a regular java class accessed by the EJBs. It should not
> be an entity bean itself, since speed is the only reason for its existence
> and we don't want it loaded from persistent storage every time it's
> accessed. We don't care if multiple JVMs are running or not -- all we care
> about is fast access within any given JVM.
This approach will kill EJB security, right? That is if I obtain an EJB
home running as user Joe, and stash it in a hashtable, then all beans
accessed via that home will (unless you're lucky enough to have a
container that correctly implements the JNDI specification and works
around the gaping holes in EJB1.1) return beans that will run as Joe.
Please, someone, tell me I'm wrong.
Cheers,
Laird
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
