Hi All,
The ACL in EJB specificies the authorization for
method calls. So that can be very usefull so that we
can give some access to somebody and something to
other.EJB server identifies the user by the prinicipal
nad credential passed to the server.
In typical web-application, this type of requirement
is very common. In web scenario, the authetication
information actually gives these information from
login of the user to the web application. The login
can be easily done by securying servelt/jsp using j2ee
web-application's web.xml. But my question how can we
use this information which user feeds during login to
lookup the EJBHome ? If we can't use it, then how far
this ACL in EJB is usefull ?
As far as Oracle's OC4J is concerned their metalink
people simply told that this can't be done in present
version. Anyone of you can pls tell me whether this
can be done in famous EJB servers weblogic, websphere
and iplanet etc ? If it can't be done, then how can we
use it or how is it going to be usefull?
Secondly, if the user's authorization is thru SSL ,
then what will be the scenario ?
Any comment on this is welcome.
Thanks and Regards,
Sudarson
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
