I have four roles; administrator, contributor, editor, and advisor. All registered members fall into one or more of these four roles and all registered members are kept in a database. 1. Administrators (least restrictive) can access all web resources. 2. Contributors can access the "edit" and "delete" functions as well as the "view" function. 3. editors and advisors (most restrictive) can only access the "view" function. How do I prepare my web.xml file? For example:
Thank you very much in advance.
posted 12 years ago
Have you looked at Web-Tier Security in the J2EE tutorial recently? The DTD for web.xml and the servlet specification also have some comments that are helpful. Did this help?