David
From: Mike Duffy <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Fine Grained Access Control in Sturts Date: Thu, 20 Mar 2003 12:23:07 -0800 (PST)
Does anyone have any thoughts on fine grained access control in Struts?
Struts enables access control based on actions (see ?Struts in Action?, Husted, et. al., pp 550-553), and most application servers can protect resources based on realms/roles.
But what about display options based on roles. For example, if you only wanted an ?Admin? link to appear if the user was an administrator, what would be the best way to do this?
You could make the ?role? an attribute of the user object and then do a logic test for the appropriate role. Or it might be even better to write a logic tag that takes the user role as an attribute. Any thoughts?
Thanks for your consideration.
BTW. The Husted book is a very good book.
Mike
__________________________________________________ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]