We just have one level of security for all our JSF pages, but pages that cannot be secure (like the login page) must be done in plain JSP. Since we only have 1 or 2 of those, we just use a JSP and a servlet.
On Tue, 25 Jan 2005 14:21:41 +0100, niksa_os <[EMAIL PROTECTED]> wrote: > How do you handle security with JSF web application? > > For example, you have one admin and few users. > How do you protect some pages and how do you show/hide links for different > roles (admin, user) in navigation.jsf? > > And for example, if I have in HttpSession attr TYPE=admin what to put in jsf > page to check for TYPE and if TYPE is wrong to redirect to login.jsp? > -- -Heath Borders-Wing [EMAIL PROTECTED]
