On Tue, Sep 10, 2002 at 10:28:50PM -0400, Jim Crossley wrote:
> I'm looking for advice. What's the best practice for ensuring that, for
> example, only members of a particular team are allowed to update projects
> assigned to that team? Assume a Project EJB with an update method, if you
> will.
I'm looking for advice. What's the best practice for ensuring that, for
example, only members of a particular team are allowed to update projects
assigned to that team? Assume a Project EJB with an update method, if you
will. The J2EE role-based security mechanism cannot enforce that rule.
Afte
