I need to implement row level access control and authorization within my
JPA client application.
I wanted to confirm that I can use the following methods to intercept
the db transaction
before it is committed:
* PrePersist
* PreRemove
* PreUpdate
and place my access control and authorization checks there. If the
action is denied and an AuthorizationException is thrown in the callback
methods can I assume that the commit would fail with some exception that
has my exception as the nested exception / cause?
The spec seems to be silent on this point but I can't imagine any other
possibility for implementations to take.
--
Regards,
Farrukh
Web: http://www.wellfleetsoftware.com