wood burning stoves 2.0*
The moose likes General Computing and the fly likes Controling Application Access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » General Computing
Bookmark "Controling Application Access" Watch "Controling Application Access" New topic
Author

Controling Application Access

Steve Dyke
Ranch Hand

Joined: Nov 16, 2004
Posts: 1393
Whold like some feedback on handleing access control. I have a master employee file that contains a job class. I have a file that assigns roles to each job class. My app looks at these roles to control access but this is where I could use some help.

Right now on my servlets that request JSP form I call the class with the user job class and role values. The class returns true or false. I then set a session attribute as either true or false. Then I use expression language and javascript to control display of the JSP.

Is there a better way? Please help.
Nicholas Jordan
Ranch Hand

Joined: Sep 17, 2006
Posts: 1282
Java Authentication and Authorization Service

When you get some headway on JAAS - move to security.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Controling Application Access
 
Similar Threads
Concurrent Authentication problem with intercept-url
accessing a java control within a static FormData class
JAAS with JSF misunderstanding
Spring security and Userid for authorization, instead of Role and few more questions
Java XML parser to parse the XML file