This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
It is a security related question. I can use "role"-based security checking. For example, John can view the sales reports if he has the "sales role". Now, I want to further restrict John to view the sales reports in his "region" only. People say that I can use the servlet filter. I do not know the validity of this statement. If it is valid, I need guidance to see some examples. [ October 22, 2003: Message edited by: JiaPei Jen ]