> -----Original Message----- > From: Donald Ball [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 09, 2002 3:50 PM > To: [EMAIL PROTECTED] > Subject: getting list of usernames > > > we're writing a webapp which requires access control for various > operations. we wish to rely on the servlet container to handle > authenticating users, but we need to internally associate > usernames with > sets of permissions. to make things easy on the superuser, we > would like > to acquire a list of usernames in a given role instead of > requiring her > to enter each username manually. i can find no way in the servlet spec > to do this. does anyone have any suggestions? > > - donald
Have you considered rethinking the architecture of your web application? The existing mechanism is suitable for doing what you want to do, if you consider that each of the "operations" to be authorized is actually a web resource. What you're doing at the moment is completely bypassing this available mechanism, and recreating an EJB-style authorization mechanism. Just a thought. Regards, Arved Sandstrom ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
