File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes Storing pages a user can access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Storing pages a user can access" Watch "Storing pages a user can access" New topic
Author

Storing pages a user can access

Dave Bosky
Ranch Hand

Joined: Dec 16, 2003
Posts: 72
I want to restrict users to specific pages after they properly login.
What would be the best method for storing the pages?

Should I store all the pages the user has access to in a session ArrayList variable and then check each page to see if a match is found in the list using a filter?

Thanks,
Dave
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61092
    
  66

Are you talking about storing the pages themselves? (If so, why?)

Or are you asking about a mechanism to determine who has access to what?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Dave Bosky
Ranch Hand

Joined: Dec 16, 2003
Posts: 72
I was asking about a mechanism to determine who has access to which pages and method would be best to accomplish this task. Sorry for the ill formatted question...

Thanks,
Dave
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61092
    
  66

One way to handle this could be to assign each user a role. Each page requires certain roles in order to be accessed. For example, admin pages require users to have the "ADMININSTRATOR" role.

There are lots of ways to keep track of which roles each page requires. One of the simplest might be a Map in the application context that uses the URI of the page as a key to a list of required roles (or a single role if your layout is that simple). This could be loaded by a context listener at app startup, perhaps from a properties file or an XML file.

If a role-based approach isn't appropriate, then there may be other ways. More info on how your app operates and is organized would be necessary.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Storing pages a user can access