1 Reply Latest reply on Apr 25, 2003 1:02 AM by marc fleury

    Security: declarative or custom?

    servigo Newbie

      Hi,

      I'd like to ask you, what security do you use in your projects. Declarative according J2EE specification or have you written your own stuff to secure your applications.
      Example: In case of application which have only web interface to access EJB layer, do you secure EJBs as well or only web tier?
      Some sources (documents, examples) would be appreciated, as on google I'm able to find only technical stuff (how and where put tags to web.xml and so on...), but I'm interested more on general patterns how to secure application to not reinvent wheel.