• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Roles and Authentication

 
Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I have a web application where Security admin will define a role, assign it to a userId , assign the list of functions (create,edit etc) to the userId. Also userId can be made read/write access so that throughout the application he will have only read-only.

Here comes my problem, I have these role to functions and role to user and role to access information in a database.

What is the best way to implement the authorization ? i.e, hide or disable some buttons/menu links based on the database values. Or is there a better way to implement this requirement as my company requires to assign functions to a user dynamically without a program change.

Regards,
Vincent Robert
 
Vinod Kumar
Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is a J2EE Struts based application. No EJBs.
 
Ranch Hand
Posts: 223
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Vincent,

You need two templates and tables
1. Role page
2. User Page

You can create role and assign the role for particular user. It may be multiple user can have a same role.

Role privileges is simply tree view. you can add all the modules in role privileges. you can check/uncheck fields.

Checked fields should be displayed. No need to check for hiding. because during assigning the Role privilege, you can create menu. So we avoid to check to hide other fields.

Hope it is helpful to you

Thanks
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic