J2EE has standard ways of permission methods in a bean, which in essence is functional permissioning. That is, a user in a user group can call this method, the user can perform this function. I want to have permissioning based on the data resource. That anyone can call a method, but only certain people can modify a particular data source. I also want to use ACL permissioning on these data object. Has anyone implemented this security paradigm with J2EE? I'm open to hear ideas
- Posted by: John Smothers
- Posted on: January 16 2002 13:56 EST
- ACL (data) permissions rather than EJB method (functional) by Patrick Lightbody on January 17 2002 03:48 EST
Might want to check out OSAccess at www.opensymphony.com. Combined with OSUser, it might do everything you need.