ACL (data) permissions rather than EJB method (functional)

Discussions

EJB programming & troubleshooting: ACL (data) permissions rather than EJB method (functional)

  1. J2EE has standard ways of permission methods in a bean, which in essence is functional permissioning. That is, a user in a user group can call this method, the user can perform this function. I want to have permissioning based on the data resource. That anyone can call a method, but only certain people can modify a particular data source. I also want to use ACL permissioning on these data object. Has anyone implemented this security paradigm with J2EE? I'm open to hear ideas
  2. Might want to check out OSAccess at www.opensymphony.com. Combined with OSUser, it might do everything you need.

    -Pat