You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Puneet Agarwal <pu...@delhi.tcs.co.in> on 2003/04/02 17:50:57 UTC

Item Level Security

In our application every button does not have to be enabled for every user.

on server side we have a list of functions that are available for a
particular role and every user session has his role information.

what we have done to do this is:

we included another attribute (named function) in html taglib's  "image"
tag.

and in the ImageTag.java we checked whether current user role is allowed to
perform this function, if yes this button is enabled otherwise not.

Is there any better approach to do this ?

Regards,
Puneet Agarwal

Tata Consultancy Services,
C-56, Phase - II, NOIDA 201305 (India)
Phone: +91-120-2461001, 2, 7, 8, 9, 12, 13 (Ext. 1031)
FAX              : +91-120-246 1521

Struts ... Action ... Struts in Action ... Action in Struts ... Action
"with" Struts ...


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org