One approach: make all the users in a single role for CMA. In the first action, make a getUserPrincipal call, and store it in a session bean (I also have getFullName in there, so I display the logged-in user name in the header). In the session bean, add a method getProjectRole() that calls a DAO to find this.

Based on sessionBean.getProjectRole(), your action/controller can do things like formBean.find(sessionBean.getProjectRole()) to only find things that are relevant. The book FastTrack to Struts has a chapter on this, and also on how to make this row-based updates or row-based RO.

.V

Alexis Gallagher wrote:
> Hello,
>
> I've gotten a lot of help just lurking on this list,
> so I'm hoping my first question isn't too off base.
>
> I am trying to use the action "roles" parameter to
> define fine-grained security constraints. However,
> these constraints will apply to security roles which
> are defined programmatically within my webapp and
> which are not registered with the server's security
> realm.
>
> So I'm wondering, is there a way to stop the server
> from checking the "roles" parameter for its own
> purposes, so that I can hijack it for my own?
>
> If I seem not just confused but totally off-base, I'll
> stick the gory details of why I'm trying to do this in
> a P.S.
>
> Thanks,
> Alexis Gallagher
>
> p.s.
> Why would I want to disable the server's check of
> security roles? Well, in my system every user can
> belong to multiple projects, but he can only browse
> one project at a time. A user has both a global
> security role (admin vs. non-admin) but also a
> per-project security role (manager vs. member, etc.).
>
> My understanding is that container-managed security is
> not intended to support a situation where a user's
> role might change depending on their position
> session state (that is, what project they're
> browsing). Also, container-managed security doesn't
> have a vendor-neutral realm implementation.
>
> Nevertheless, it would be very convenient to
> declaratively configure all these security
> constraints, and I can just put the security logic in my
> action base class.
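
The approach from the reply above, as an added example that is not part of the original thread and not code from Struts or the book mentioned. It is plain Java with no Struts or servlet classes; every class and method name (ProjectRoleDao, SessionBean, isAllowed) and the membership data are hypothetical, constructed for illustration.

```java
import java.util.*;

public class ProjectRoleDemo {

    /** Stand-in for the DAO the reply mentions; memberships are constructed sample data. */
    static class ProjectRoleDao {
        private final Map<String, Map<String, String>> rolesByUser = new HashMap<>();
        ProjectRoleDao() {
            Map<String, String> alice = new HashMap<>();
            alice.put("apollo", "manager");
            alice.put("gemini", "member");
            rolesByUser.put("alice", alice);
        }
        /** Returns the per-project role, or null when the user is not in the project. */
        String findRole(String user, String project) {
            Map<String, String> roles = rolesByUser.get(user);
            return roles == null ? null : roles.get(project);
        }
    }

    /** Session-scoped bean: user name taken once from getUserPrincipal(), plus the project being browsed. */
    static class SessionBean {
        private final String userName;
        private final ProjectRoleDao dao;
        private String currentProject;
        SessionBean(String userName, ProjectRoleDao dao) { this.userName = userName; this.dao = dao; }
        void setCurrentProject(String project) { this.currentProject = project; }
        /** Looked up on every call, so a project switch or a revoked membership applies immediately. */
        String getProjectRole() {
            return currentProject == null ? null : dao.findRole(userName, currentProject);
        }
    }

    /** The check an action base class would run before dispatching: deny unless the role is listed. */
    static boolean isAllowed(SessionBean session, Set<String> requiredRoles) {
        String role = session.getProjectRole();
        return role != null && requiredRoles.contains(role);
    }

    public static void main(String[] args) {
        SessionBean session = new SessionBean("alice", new ProjectRoleDao());
        Set<String> editRoles = Collections.singleton("manager");
        System.out.println("no project selected:  " + isAllowed(session, editRoles));
        session.setCurrentProject("apollo");   // alice is manager here
        System.out.println("browsing apollo:      " + isAllowed(session, editRoles));
        session.setCurrentProject("gemini");   // same user, same session, lower role
        System.out.println("browsing gemini:      " + isAllowed(session, editRoles));
        session.setCurrentProject("mercury");  // not a member at all
        System.out.println("browsing mercury:     " + isAllowed(session, editRoles));
    }
}
```

The role is resolved from the server-side session and the DAO, never from a request parameter, and a missing project or membership results in denial rather than a default role.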