It is a security related question. I can use "role"-based security checking. For example, John can view the sales reports if he has the "sales role". Now, I want to further restrict John to view the sales reports in his "region" only.
People say that I can use the
servlet filter. I do not know the validity of this statement. If it is valid, I need guidance to see some examples.
[ October 22, 2003: Message edited by: JiaPei Jen ]