Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

User Authorisation based on Roles

 
Prakash Mani - Attur
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a big problem in my application.. Please reply...

My application has ten modules.. There are 13 Roles..Each one has different access..Say Admins can access all the ten modules.. Call center people can access only three modules(say mod1,mod2,mod3).. The problem is if the call center people know the url for mod4 or mod5 he can access that modules.. But for his role it is denied to access the other modules...

How to keep stop the other roles form accessing the other modules...
The main problem is i should not use the web.xml to define roles..Is there any way to deny access using session???
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic