I have app on Glassfish server with remote EJBs, which use JPA for database query.
I discovery that unauthorized users can lookup preconfigured DataSource on Glassfish server.
how can I protect DataSource from unauthorized users?
Paul , can you post some link about JVM security options? it is possible to create authorization module with realm, like it is in EJB.
for example use my costum realm for user authorization to use my JNDI DataSource.
subject: DataSource lookup from remote swing client