* Is there a way to override default
security identities propagated between beans?
SCENARIO: Suppose a user is authenticated by the JAAS setup
and is given identity "joe" when bean A is called. Now
suppose bean A calls bean B, whose properties specify
that "runAsMode=SPECIFIED_IDENTITY" and
"runAsIdentity=johny". I assume the security context
is propagated from A to B, which implies a conflict
with the properties for B. In this case, what identity
does the user for B have: "joe" or "johny"?
* Can you specify security roles for overloaded methods
within the same bean? Eg, bean X has methods put(int)
and put(double). Can we specify different security roles
for these methods?
* Can more than 1 role be assigned access to some bean method?
(I don't see any special need for this, as more than 1 role can
always be collapsed into 1 role. But I am curious to see if it
is supported.)
Regards,
Charlie
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
