Hi!
Anybody knows of any security patterns in EJB or at least for jBoss.
Role-based method-level security is clearly not enough in most cases. How
can I externalize these finer-grained settings to some settings file or
database still using EJB concepts?
Security constraint example: Only owners can modify their User object,
Administrator can modify any User object.
Any useful links to sources of information appreciated.
Alexander Klyubin
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
