I am new to java web programming and want to understand the best practices
method of implementing Least Privilege concepts when applied to page designer
access.
As I design my 1st app, I foresee a need to have application scope and
session scope objects that are accessible by controllers and models but not
by page designers. Based on what I have read so far, I have made the
following assumptions.
Assumption 1: My understanding so far is that the only way (outside of a
database) to share objects accross application and session is to use the the
Attributes maps.
Assumption 2: Once an object has been exposed to the Attributes map, it is
automatically available to page markup.
Are the assumptions correct?
What are the best practices for this business need?
--
[Message sent by forum member 'rss181919']
View Post: http://forums.java.net/node/865000