This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
I have a problem,I am developing an application, where multiple groups(Administrator,supervisor,inspector...) are there.And they have some restricted access only. Now the problem is if the user login from supervisor user id and if he has the url for administrator then he can access the page. I am checking the user in session the problem is the supervisor has login with userid and password and after that he is putting the url where he donot have access. Can anybody suggest how to control it?