Ok, I Finally read the 1.1. spec (which doesnt help me too much, since I dont
know of any implementations of it yet), but maybe it can give me some idea of
how to do it now.
Anyway, my example did a bad job describing what I need. What I really need is:
the ability for the session bean can change the role of a user in relation to a
entity bean instance (the account) at runtime based upon an account attribute.
So for example, user1 is a regular user, but for certain types of accounts, he
has the role "owner" for others, he may have the role "custodian" (maybe I pay
my parents phone bill, so I can do some limited operations on their account).
So for all the operations on that account they need to use the appropriate
role. Other users may have different roles for different accounts (my parents
have owner role on their account)..
I think I could do this if the ejb security policy allowed me to change roles
in the server. For example, in my session bean, I could on account iteraction,
look at the account type, and look at the users current role, and assign them a
new role for that interaction.
can this be done with either 1.0 or 1.1? or is there a better way to accomplish
this?
thanks
Joel
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
