I need some suggestions on how to implement a security control.
The system I am working on has several modes. The security policy is different for differnt modes. For example, If the application is switched to "Maintainence" mode, all web resources can only be accessed by "Admin", all "Users" will be re-directed to an error page telling them the system is under maintainence. And there are some other modes too and the security constraints are different.
Can this be accomplished declaratively in DD? Or we have to do it programmatically?
If we have to it programmatically? In which level we should do the mode checking? If we don't have a Frontman Controller, do we have to the mode checking in each page?
Please share some thoughts.
Thanks in advance! [ June 06, 2006: Message edited by: Feifei Long ]