On Saturday 05 March 2005 00:47, Andreas Prohaska wrote:
> But even without trusting my client, assume that I have the secured
> Account instance in the servlet tier. Now imagine a wizard that allows
> the current user to edit the Account, perhaps in multiple steps.
> Everyone would agree that it's
Dear Spring Community
I'm pleased to make the following two announcements:
* Acegi Security will become a Spring subproject from release 1.0.0.
* Acegi Security release 0.8.0 is now available.
=
OFFICIAL SUBPROJECT STATUS
=
Well, that's true for the business objects implementing services. Sorry that
I didn't make that clearer.
What I have in mind are domain objects actually modelling the data,
protected by Acegi. Imagine an Account class that offers a method called
getBalance() and that method is protected with Aceg
Hi Sergio,
yes, we're talking about the same scenario, let me just point out
one more issue. First of all I am/will be using a servlet application
that connects to an enterprise server that connects to the database.
Not necessarily EJBs.
I want to enforce security on domain objects (Account) in t
First of all I'll try to clarify what I understand for the problem you
propose.
A- Client calls remote method getAccount
B- Client application gets serialized version of Account object
C- Client modifies local unserialized account Object
D- Client serializes and sends the modified account object
