[jboss-user] [JBoss Seam] - Re: Glaring Security Hole?

sbryzak2 do-not-reply at jboss.com
Wed Sep 13 19:39:05 EDT 2006

Entity beans (and in fact, any JavaBean objects that are returned or referenced in the return value by a session bean method) are represented by an equivalent Javascript "class" to provide the developer with a familiar object model to work with.  Until now, no-one has expressed any issues with exposing the model (I guess it depends on the nature of the project), although I suppose that it wouldn't be difficult to annotate certain entities with @Restricted or something like this which would prevent it from ever being used in remoting.  If you'd like such a feature, please raise a JIRA request.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3971438#3971438

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3971438

More information about the jboss-user mailing list