Hi!
Chuck Zheng wrote:
> Since we scatter ACLs into every bean's deployment descriptors
> (AccessControlEntry). As a Security Administrator, how do I see
> which EJBean can a particular role access (without trolling through
> all those DDs).
If you have a tool that can read DD's and present the specific bview
that you're looking for then it should not be a problem. Don't know if
such a tool is around though, since it's really too early on really.
Something to think about...
> If I write a custom realm, what should I do with AccessControlEntry
> in DDs?
Hm.. are you talking about EJB1.0 or EJB1.1? In 1.1 the container would
provide you with a tool to use your realm and connect roles in it to
roles in the DD.
/Rickard
--
Rickard �berg
@home: +46 13 177937
Email: [EMAIL PROTECTED]
Homepage: http://www-und.ida.liu.se/~ricob684
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
