If you use a filter, to filter actions based on role, the action wouldn't have to know about security. If your authentication sticks the user information into the session, the action could make decisions based on the user information.
Edgar > -----Original Message----- > From: Jagadeesan,Sivakumar > [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 27, 2003 3:50 PM > To: 'Struts Users Mailing List' > Subject: Actions based on Role > > > I have web application where users could of three types (Roles) > > 1) Basic User > 2) Silver User > 3) Gold User > > According to Type / Role of user some actions could be > performed or not performed. > > I could set in my stuts-config.xml, the role based access in > Action Element > > I am having my own authentication System that uses the > database . The User table has the userName and also the Role. > > I am not sure how could I create a Role that the Action is > expecting , if I am using my own authentication > > Thanx > --Siva Jagadeesan > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
