hi thanks for the reply. I still have a query. In page: 501 of "Enterprise JavaBeans" by OReilly, it says "MDBs must always have a runAs security identity specified". Is this a mistake ? Or did I understand the concept in a wrong way ? Thank You seema
Sun Certified Java Programmer<br />Sun Certified Web Component Developer<br />Sun Certified Business Component Developer
The O'Reilly book compares the use of the <run-as> and <use-caller-identity> elements. As an MDB has no knowledge of the identity of its caller, it cannot use <use-caller-identity> and can only use <run-as>. However, if the MDB never calls another EJB, or only calls methods with no security check, there is presumably no point in declaring <run-as>.
SCJP, SCWCD, SCBCD
There are no more "hours", it's centi-days. They say it's better, but this tiny ad says it's stupid: