You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Mark <se...@yahoo.com> on 2005/02/17 16:37:50 UTC

security in servlets (need an advice)

Hi,
I have security roles defined in DB and would like to control servlet
access based on userId(user logged in im my application) and allowed
actions (stored in DB and can be changed anytime)

I was thinking about loading allowed action ( allowed servlet names)
in to the session and check in servlet if this user can access
servlet, but  I guess it can be better way of doing it.

What will the best and simplest way to do it in Tomcat 5.0.X ?

Any suggestions are welcome!

Thank you,
Mark.


		
__________________________________ 
Do you Yahoo!? 
Take Yahoo! Mail with you! Get it on your mobile phone. 
http://mobile.yahoo.com/maildemo 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org