fortunately.... yes.
Al
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: jboss <[EMAIL PROTECTED]>
Sent: Wednesday, June 27, 2001 4:23 PM
Subject: [JBoss-user] Access control
> It appears as if J2EE's use of JAAS gives me some control over which
> users can use which methods in which beans. However, I have a couple
> of concerns;
>
> First, is there an easy explanation of the difference between groups
> and roles?
>
> Secondly, it doesn't seem to help me in the generic problem of wanting
> to restrict access to certain database records. Basically, I have paul
> and harry, both possessing the "customer" role. Paul should be able to
> browse his own orders but not Harry's. I take it I am left to
> implement this bit of secuity myself, in the lookups that I do?
>
> Cheers
> Bent D
> --
> Bent Dalager - [EMAIL PROTECTED] - http://www.pvv.org/~bcd
> powered by emacs
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
