• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Field Level Security

 
saumil baxi
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
In My Application,We need to implement security at each and every field that is shown on UI. We are using Spring framework in our application.Can one help me out in how to move forward.

My scenario in sort is :
suppose there are 10 fields that I am showing on screen
But some users will be shown just 5 other may be shown 7 or admin user would be shown all 10 fields.

Where shown this security check come? On my JSP level or at backend.

Thanks,
Saumil
 
Dan Allen
Author
Ranch Hand
Posts: 164
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This question could be answered for either Spring or Seam, so I will bite. If you want "hard" redaction, then you can use a Hibernate Filter to change the values to XXX when the query results are fetched. Most people will tell you, though, that you just use some tags in the JSP/Facelets to hide the fields. If you want to manage those fields, then you need something like ACLs.
 
saumil baxi
Ranch Hand
Posts: 58
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply. But I am new to ACLs. Can you provide some link to sample example .

Regards,
Saumil
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic