Abstract

Entity beans should not be declared remote.

Description

Entity beans that expose a remote interface become part of an application's attack surface. For performance reasons, an application should rarely uses remote entity beans, so there is a good chance that a remote entity bean declaration is an error.

Examples

	<ejb-jar>
		<enterprise-beans>
			<entity>
				<ejb-name>EmployeeRecord</ejb-name>
				<home>com.wombat.empl.EmployeeRecordHome</home>
				<remote>com.wombat.empl.EmployeeRecord</remote>
				...
			</entity>
			...
		</enterprise-beans>
	</ejb-jar>