I did something similar. I extended each struts HTML tag to take a rule and evaluate it in doStartTag. It then returns SKIP_BODY to hide it or super.doStartTag() to show it. Similarly doEndTag() returns EVAL_PAGE to hide it or super.doEndTag() to show it. I actually have 3 security levels and I call setDisabled() to disable the field if it is visible but not editable. It's not hard. - Dan
> -----Original Message----- > From: Mailing List [mailto:[EMAIL PROTECTED] > Sent: Wednesday, March 10, 2004 8:17 PM > To: [EMAIL PROTECTED] > Subject: a security framework! > > Hi, > I'm developing a web application with struts framework.I want > to design some jsp pages that support security at pages > level.The security that I want to be supported is that some > components of each page can be shown for certain user.I mean > that for each user deponds on his access to the system we can > show some components of each page and does'nt show other > components.Each user deponds on his type and access at the > system just can see his own pages.can you offer a good > framework for this goal that be compatible with struts framework. > > Regards > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
