wood burning stoves 2.0*
The moose likes Struts and the fly likes Hide resources according user permissions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Hide resources according user permissions" Watch "Hide resources according user permissions" New topic
Author

Hide resources according user permissions

Mariano Javier
Greenhorn

Joined: May 15, 2007
Posts: 8
Hi i'm developening a struts application and i want to make my jsp according users permissions. For example i would like to hide a link to another jsp if the user doesn't have permission to see it.

Does anyone know a pattern or a tag lib to do this automatically? i'm looking for a better way than calling a method (something like isAuthorized() ) from a created object inside every jsp i have.
I also don't want every link in my jsp beeing inside an if statement.

Thanks in advance.
Merrill Higginson
Ranch Hand

Joined: Feb 15, 2005
Posts: 4864
One possible solution might be to develop your own custom tag that encapsulates your authorization logic. Example:

I know you said you didn't want everything inside an if statement, but there has to be some conditional logic in there somewhere. At least with a custom tag it's more readable.
[ October 20, 2007: Message edited by: Merrill Higginson ]

Merrill
Consultant, Sima Solutions
Mariano Javier
Greenhorn

Joined: May 15, 2007
Posts: 8
Thank you very much, i'll try to develop s jsp tags as you reccomend.
John Melton
Ranch Hand

Joined: Aug 17, 2004
Posts: 49
Merrill makes the correct suggestion. You could also use some existing libraries such as logic resent and logic:equals to accomplish the same thing if you're not keen on creating custom taglibs. Just a thought. However, the custom library is the right way to go if you have the time.
Hope this helps.


[url]www.jtmelton.com[/url]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Hide resources according user permissions
 
Similar Threads
Problem in accessing request object in child frames.
Security - Screen level vs Data element level
how to encode query string.
Best way to implement login + access rights
User, Group, Roles for J2ee applications