This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Roles and Authentication

 
Vinod Kumar
Ranch Hand
Posts: 75
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a web application where Security admin will define a role, assign it to a userId , assign the list of functions (create,edit etc) to the userId. Also userId can be made read/write access so that throughout the application he will have only read-only.

Here comes my problem, I have these role to functions and role to user and role to access information in a database.

What is the best way to implement the authorization ? i.e, hide or disable some buttons/menu links based on the database values. Or is there a better way to implement this requirement as my company requires to assign functions to a user dynamically without a program change.

Regards,
Vincent Robert
 
Vinod Kumar
Ranch Hand
Posts: 75
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is a J2EE Struts based application. No EJBs.
 
Edward Durai
Ranch Hand
Posts: 223
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Vincent,

You need two templates and tables
1. Role page
2. User Page

You can create role and assign the role for particular user. It may be multiple user can have a same role.

Role privileges is simply tree view. you can add all the modules in role privileges. you can check/uncheck fields.

Checked fields should be displayed. No need to check for hiding. because during assigning the Role privilege, you can create menu. So we avoid to check to hide other fields.

Hope it is helpful to you

Thanks
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic