7.5.15 What is the normal way of asserting that unauthorized clients cannot connect to an object that an authenticated client is using?

 

Mike

(March, 1999)⁵⁵ : SSL authenticates a user on a per session basis, so it does not restrict access on a per-object basis. You'd have to add in code to your Factory object to prevent users from accessing certain objects. Shouldn't be too difficult, and is pretty secure since you've authenticated the user.