Originally posted by Rick Salsa:
If you could that be great! So does the book cover programatic security as well? I'm assuming this might be something like isUserInRole, type of thing?
Also, you mentioned that the book talks about securing communcation from client to server, with a swing-jdbc app. What about securing communications with an app server using rmi? Is this mentioned at all and would it be similar to what you describe for the client-sever scenario?
Thanks Brian. The first answer was very informative!
[ October 23, 2002: Message edited by: Rick Salsa ]
Originally posted by Deb Williams:
Are there any security issues when using dynamic or static includes? If so, is one better to use than the other?
Originally posted by Cathy Gorchkova:
What is the best solution for handling instance-level security in Entity beans? How to return to the user a subset of entity beans he can access?
I wish to avoid retreiving all the beans first and then check authorization for every entity.
Originally posted by G Vanin:
Brian, thank you answering me in
I have more questions there basically abt what was the evolution in security and what will be next.
It is also very important for running the code from articles on Internet, since things change, there are articles 3 years old, and no explanation abt what they were/are using. A little bit of confusion.
For ex., IBM's security suite is evaluating since April 1999. It is interesting, if I read an article from 2000 (or even 1999) how may I get that suite from 2000, etc.?
How many your books are on promotion? Whether the CD is self-sufficient for reproducing examples without referring to Internet (I use JDK1.3.1, and access Internet through library or books' CDs)
Originally posted by Greg Ostravich:
This book looks great!
It looks like it has examples of all sorts of great stuff from Applets to Server-Side.
Do you speak at Java User Groups?
It looks like you could do a full talk just on J2EE security.
[ October 24, 2002: Message edited by: Greg Ostravich ]