Hi!
"Kenworthy, Edward" wrote:
> RO> Which is Bad(tm). As Toby said, unlearn that practice ;-)
>
> Eh? How can it be bad ? The spec is just a blank - it doesn't say how to do
> it, it's app server specific. What's Bad(tm) is that it's not in the spec
> :-)
There has been lots of discussions about this on EJB-INTEREST, so see
archives.java.sun.com for details. The main problem is what happens if
one Handle-ifies a reference, and hand it over to someone else? Then
that other user will be authenticated as the first one if JNDI security
is used. Which is bad.
It's just a hack to use JNDI, and it was certainly not intended to be
done that way. JNDI security is for looking up values in a namespace,
nothing more.
/Rickard
--
Rickard �berg
Email: [EMAIL PROTECTED]
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
