Hi waynebaylor, I'd like to control the read-access based on a users role (and a special use case). E.g. I have one business case, where a balance of account A should not be visible for users with role "clerk". But in another case balance should not be visible for a user with a role "employee"... May I use @Permit on entities (anyhow it would not fulfil my needs, but it would be interesting to know)? Thanks, Carsten View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055527#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...