could you refer to the "How to handle dynamic authorization?" thread. i have a similar requirment, and I've requested Scott if it's actually possible to have an enhancement to add/remove certain transient roles.
But the bottomline, as I understand it, is that you cannot leverage declarative J2EE security when your roles have to be ascertained dynamically on a per-call basis. You would have to either establish the roles at login time, or go for your own custom role mechanism. <a href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3826953#3826953";>View the original post</a> <a href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3826953>Reply to the post</a> ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
