| Author |
Field Level Security
|
saumil baxi
Ranch Hand
Joined: Apr 18, 2008
Posts: 58
|
|
Hi,
In My Application,We need to implement security at each and every field that is shown on UI. We are using Spring framework in our application.Can one help me out in how to move forward.
My scenario in sort is :
suppose there are 10 fields that I am showing on screen
But some users will be shown just 5 other may be shown 7 or admin user would be shown all 10 fields.
Where shown this security check come? On my JSP level or at backend.
Thanks,
Saumil
|
 |
Dan Allen
Author
Ranch Hand
Joined: Mar 05, 2003
Posts: 164
|
|
|
This question could be answered for either Spring or Seam, so I will bite. If you want "hard" redaction, then you can use a Hibernate Filter to change the values to XXX when the query results are fetched. Most people will tell you, though, that you just use some tags in the JSP/Facelets to hide the fields. If you want to manage those fields, then you need something like ACLs.
|
Dan Allen | http://mojavelinux.com | Author of Seam in Action - http://mojavelinux.com/seaminaction
|
|
saumil baxi
Ranch Hand
Joined: Apr 18, 2008
Posts: 58
|
|
Thanks for the reply. But I am new to ACLs. Can you provide some link to sample example .
Regards,
Saumil
|
|
 |
|
|
subject: Field Level Security
|
|
|
0
