1 Reply Latest reply on Mar 4, 2002 12:28 PM by David Ward

    security based on values

    David Ward Newbie

      I know how to lock down EJB's based on which roles are allowed to execute which beans/methods, but does anyone have any experience on locking things down looking at the VALUE of an object passed into an EJB method?

      I'm relatively sure the spec doesn't say anything about this, but has anyone come up with a good hybrid mix of container-based and application-based security?

      Many thanks,