I need to access user info(permisson & role) in all the JSP pages so that certain operations(buttons/Link/Info) can be restricted based on the user. I am using framework struts1.2. Below are some of the option.
 Using Session
 Passing user info thru form-bean(but i am not able to get this in child window)
 Setting request in action & access in corresponding JSP(but need to get user details & set in request scope in all the action class. Looks redundant)
I would like to know the effective design to achieve this. Any suggestions would be highly appreciate.
In struts-config.xml file you can specify the roles. Every request is interpreted by RequestProcessor class. In the RequestProcessor class you will have processRoles() that takes request,response,ActionMapping as arguments. You can override this method to check the roles and permissions.