At 5:47 PM +0530 12/10/01, Vijay Guda wrote:
>Hi
>
>Thanks for ur advice. But with a statefull session bean, it is not possible
>for me to make this a generic framework for all j2ee-based applications.
>Also this come up with all over-heads that a statefull session bean has.
>
> The reason that iam not using container-managed security is that i require
>to have a role-based security mechanism which is more dynamic and flexible
>than declarative security mechanism.
Container-managed security *is* role-based and is quite flexible. What kinds of
things do you think you cannot do with container-managed security? You do realize
that you can ask whether a user is in a particular role at runtime, don't you?
--
------------------------------------------------------------------------
Russell Gold | "... society is tradition and order
[EMAIL PROTECTED] | and reverence, not a series of cheap
| bargains between selfish interests."
http://www.httpunit.org | - Poul Anderson, "Iron"
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
