A client can only access an EJB if it knows its JNDI name. Correct me if
I'm wrong, but there's no JNDI command to manifest all available services.
So a superficial, if rather weak, way to secure your beans is to reveal only
public bean JNDI names to your client.
Gene
-----Original Message-----
From: Steffen Ramlow
To: [EMAIL PROTECTED]
Sent: 6/21/01 2:36 PM
Subject: securing "inner" beans
i can i manage it that clients can only access some of my (session)
beans
and not entity beans or internal session beans
========================================================================
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
