I am doing two applications accessing the same data: client and admin. The client can see data coming from the dataservice but not modify it. The admin can modify the data and the clients see the modifications in real time through the dataservice. It works well as long as nobody hacks a client to be able to modify the data. Then Hell will break loose! So I'd like to use the J2EE security. I think I understand how to do it in Tomcat but I don't see in FDS how to give different authorizations for the admin and client. Because they share the same dataservice, so they should have the same role, right? So how can I give different rights to different users within the same dataservice ? Or do I have the wrong approach ?
Benjamin.