File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Other Application Frameworks and the fly likes Field Level Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Other Application Frameworks
Bookmark "Field Level Security" Watch "Field Level Security" New topic
Author

Field Level Security

saumil baxi
Ranch Hand

Joined: Apr 18, 2008
Posts: 58
Hi,
In My Application,We need to implement security at each and every field that is shown on UI. We are using Spring framework in our application.Can one help me out in how to move forward.

My scenario in sort is :
suppose there are 10 fields that I am showing on screen
But some users will be shown just 5 other may be shown 7 or admin user would be shown all 10 fields.

Where shown this security check come? On my JSP level or at backend.

Thanks,
Saumil
Dan Allen
Author
Ranch Hand

Joined: Mar 05, 2003
Posts: 164
This question could be answered for either Spring or Seam, so I will bite. If you want "hard" redaction, then you can use a Hibernate Filter to change the values to XXX when the query results are fetched. Most people will tell you, though, that you just use some tags in the JSP/Facelets to hide the fields. If you want to manage those fields, then you need something like ACLs.


Dan Allen | http://mojavelinux.com | Author of Seam in Action - http://mojavelinux.com/seaminaction
saumil baxi
Ranch Hand

Joined: Apr 18, 2008
Posts: 58
Thanks for the reply. But I am new to ACLs. Can you provide some link to sample example .

Regards,
Saumil
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Field Level Security
 
Similar Threads
Star Trek question
why no errors shown for password validation in struts 1.2.4
Field level security
How to decide that method shoukld be static or not?
Modify components in backing bean