I'll check into that. It sounds like maybe overkill to use EJB to do this
simple dynamic page so I don't know if that will fly. I've been looking for
an excuse to use/learn EJB though :) I was thinking more in terms of some
simple JNDI code in a servlet to iterate though any subdirectories under the
web root for this web app and check to see if the current user is authorized
to use each one and if so, add the link to the page. Does anyone know if
that is a viable approach? I don't know JNDI either, but will dive in if
that is the solution.
Thanks, Bill
-----Original Message-----
From: Jaisinh Nimbalkar [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 21, 2000 12:12 AM
To: [EMAIL PROTECTED]
Subject: Re: Dynamic Authorization Content
Dear Bill,
I can suggest you to use EJB session beans.
Validate User with data base.
Categorise this user with responsibility.
again categorise him with role.
define his domain
divide your Next(First Login validation - This will be Second ) Jsp in
proper presentation.
Present Comman domain to these users.
For your expected solution there is no atervnative to EJB.
You can visit to SPRINT organisations site that is developed by US.
Jaisinh
-----Original Message-----
From: Hines, Bill [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 20, 2000 10:38 AM
To: [EMAIL PROTECTED]
Subject: Dynamic Authorization Content
Say I have a site that has a main entry point, either a servlet or JSP, and
it is to be accessed by different types of users (brokers, agents, sales
people, etc). Some of the users are in more than one role. For now it's all
static content. The web root would be something like this:
mysite
mysite/brokers
mysite/agents
mysite/sales
mysite/etc
On the main page (servlet or JSP), I want to dynamically place links to each
of the sub-areas of the web site but only the ones that that user is
authorized for. So if someone is a broker and an agent, I want to
dynamically build the page showing only those two links. We're using NT as
our authentication mechanism with WebSphere, and I can set up groups in NT
that correspond to the different groups and place the users accordingly.
This will enable the security to do the dirty work and nobody will be able
to see something they shouldn't by virtue of the permissions set up on the
web resources in these directories being tied to the NT groups that a user
who is logged into belongs to.
That leaves only the task of programmatically figuring out what groups the
user is in so that I can build this dynamic page with only the appropriate
links. Can someone give me any type of code sample or point me towards one
to do this? I think it might be under the JNDI set of APIs, but I'm looking
to get this done quick for a demo so any help is appreciated.
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
