Hi!
We've been pondering for a while, how to implement programmatic security
checks for
removing entity bean instance. In ejbRemove you can only throws system
exceptions.
Security exceptions are, in our case, application exceptions.
The only solution we came up with is to deny access to remove()
declaratively and
make clients use a business method (e.g.: delete()) that performs checks,
throws
application exceptions and only if everything's fine calls
EJBObject::remove().
What do you think of this?
Alexander Klyubin
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
