Ian Joyner wrote:
Anyway, I think I have found the answer in Chapter 6, p 140 on
delegates, that the session object is a delegate of
EODistributionContext and these delegate methods are called to check
security before operations are allowed on the server side. These return
false if the user is not logged in, which can be in a parent class of
session and then in a subclass provide more fine-grained access control
for checking CRED operations.
Has anyone else implemented such a JC security scheme? Does this sound
like the right way to go?
I implemented that feature for a prototype. It seemed to work very
well. If you were to combine that with JAAS I'd think you'd have a very
nice system.
-arturo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
