I'm in the process of developing my first Struts application, so forgive me if this question is insulting everybody's intellect.
The application I'm working on is a support portal where you can download technical document, drivers etc. The tricky part is, that certain documents should be only accessible to users with a certain role.
My idea so far is to put a user object in the session and to evaluate the role (and therefore the access level) of the user for all views that are displaying data which might be restricted.
I guess the easiest way would be using a jsp tag like <security:checkAccessLevel /> which would retrieve the user object from the session (if it exists) and the then filter the data accordingly. Is there such "security taglib" around?
Has anybody worked on a similar scenario? What is the best approach to solve this problem? Is there a best practice for it? Any tips, hints, code snippets are welcome.
Thank you very much.
Patrick
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
