On 8/28/07, Erik Vullings <[EMAIL PROTECTED]> wrote:
> To clarify my understanding - how does it deal with protecting
> links/functions. For example, assume I'm a regular, non-admin user and
> access the application. Since I'm not an admin, I don't see the link to the
> "Clear database" function, but somehow, I can guess it's link. How does the
> framework protect me from invoking that link anyways? Do you have equivalent
> functions as ifLoggedIn and ifRole in the java class files?
Yes, just use the @Secured("ROLE_ADMIN") annotation on the page class
and the framework takes care of the rest.
--
regards,
Robin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
