Hi,
Please advice me I am in right direction or not?. Please see the following security options.
Web Clients: Using SSL, form based authentication and container provided method level authorizarion at
EJB layer.
Swing clients: Using LDAP for authentication and container provided method level authorizarion at EJB layer.
I assumed userId and Password are stored in LDAP. Do you see any loop holes in my security design ?. Do I miss something here ?? Please advice.
Appreciate your help and inputs.
Thanks
Srinivas