File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes User Authorisation based on Roles Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "User Authorisation based on Roles" Watch "User Authorisation based on Roles" New topic

User Authorisation based on Roles

Prakash Mani - Attur
Ranch Hand

Joined: Oct 08, 2009
Posts: 100
I have a big problem in my application.. Please reply...

My application has ten modules.. There are 13 Roles..Each one has different access..Say Admins can access all the ten modules.. Call center people can access only three modules(say mod1,mod2,mod3).. The problem is if the call center people know the url for mod4 or mod5 he can access that modules.. But for his role it is denied to access the other modules...

How to keep stop the other roles form accessing the other modules...
The main problem is i should not use the web.xml to define roles..Is there any way to deny access using session???
I agree. Here's the link:
subject: User Authorisation based on Roles
jQuery in Action, 3rd edition