**************************************************************************
Note: This e-mail is subject to the disclaimer contained at the bottom
of this message.
**************************************************************************
:
Hi Matt,
It seems to me it is too much business logic in the presentation layer. How
about using same way as struts transformation do.
In JSP it looks like
<bean:define id="securityHandler" scope="application" name
="com.xxx.securityHandler" type="com.xxx.securityHandler">
<html:input name="aBean" property="dateOfBirth" security="
<%=securityHandler %>" securityLevel="3"/>
The class com.xxx.securityHandler is loaded by struts extendsion loader
into application scope. It inits with an XML document that contains
security and role mapping.
e.g.
<security>
<level id="3">
<role id="normal user">
<readOnly>
</role>
</level>
</security>
The <html:input /> tag was extends to support passed in a security handler
object and security level for this field or this page. It generates HTML
base on the return TRUE or FALSE from the security handler.
However, this is not going to solve the problem if user saves the page into
a file and edits the html file and then submits it back to the server.
Any suggestion?
Regards
Kelvin
:
********************************************************************************
The information transmitted in this message and attachments (if any)
is intended only for the person or entity to which it is addressed.
The message may contain confidential and/or privileged material.
Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon this information, by persons or entities
other than the intended recipient is prohibited.
If you have received this in error, please contact the sender and delete this
e-mail and associated material from any computer.
The intended recipient of this e-mail may only use, reproduce, disclose or
distribute the information contained in this e-mail and any attached files,
with the permission of CGU Insurance.
This message has been scanned for viruses and cleared by MailMarshal.
********************************************************************
:
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
