Does anyone have any thoughts on fine grained access control in Struts? Struts enables access control based on actions (see �Struts in Action�, Husted, et. al., pp 550-553), and most application servers can protect resources based on realms/roles.
But what about display options based on roles. For example, if you only wanted an �Admin� link to appear if the user was an administrator, what would be the best way to do this? You could make the �role� an attribute of the user object and then do a logic test for the appropriate role. Or it might be even better to write a logic tag that takes the user role as an attribute. Any thoughts? Thanks for your consideration. BTW. The Husted book is a very good book. Mike __________________________________________________ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
