Hi, I have security roles defined in DB and would like to control servlet access based on userId(user logged in im my application) and allowed actions (stored in DB and can be changed anytime)
I was thinking about loading allowed action ( allowed servlet names) in to the session and check in servlet if this user can access servlet, but I guess it can be better way of doing it. What will the best and simplest way to do it in Tomcat 5.0.X ? Any suggestions are welcome! Thank you, Mark. __________________________________ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]