GeeCON Prague 2014*
The moose likes JSP and the fly likes Storing pages a user can access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » JSP
Bookmark "Storing pages a user can access" Watch "Storing pages a user can access" New topic
Author

Storing pages a user can access

Dave Bosky
Ranch Hand

Joined: Dec 16, 2003
Posts: 72
I want to restrict users to specific pages after they properly login.
What would be the best method for storing the pages?

Should I store all the pages the user has access to in a session ArrayList variable and then check each page to see if a match is found in the list using a filter?

Thanks,
Dave
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61315
    
  66

Are you talking about storing the pages themselves? (If so, why?)

Or are you asking about a mechanism to determine who has access to what?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Dave Bosky
Ranch Hand

Joined: Dec 16, 2003
Posts: 72
I was asking about a mechanism to determine who has access to which pages and method would be best to accomplish this task. Sorry for the ill formatted question...

Thanks,
Dave
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61315
    
  66

One way to handle this could be to assign each user a role. Each page requires certain roles in order to be accessed. For example, admin pages require users to have the "ADMININSTRATOR" role.

There are lots of ways to keep track of which roles each page requires. One of the simplest might be a Map in the application context that uses the URI of the page as a key to a list of required roles (or a single role if your layout is that simple). This could be loaded by a context listener at app startup, perhaps from a properties file or an XML file.

If a role-based approach isn't appropriate, then there may be other ways. More info on how your app operates and is organized would be necessary.
 
GeeCON Prague 2014
 
subject: Storing pages a user can access