On 8/28/07, Erik Vullings <[EMAIL PROTECTED]> wrote: > To clarify my understanding - how does it deal with protecting > links/functions. For example, assume I'm a regular, non-admin user and > access the application. Since I'm not an admin, I don't see the link to the > "Clear database" function, but somehow, I can guess it's link. How does the > framework protect me from invoking that link anyways? Do you have equivalent > functions as ifLoggedIn and ifRole in the java class files?
Yes, just use the @Secured("ROLE_ADMIN") annotation on the page class and the framework takes care of the rest. -- regards, Robin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]