I would suggest you let the database do the enforcing. If you are using individual user IDs, define database groups with those access rights and place the users on them.
If you are using an application ID and doing user authentication in a different way, you can define an application ID for each one of those access right sets, define a datasource for each, and simply use the right datasource for the type of user. If your access rights requirements change in the future, you simply modify the access rights of the database group or application ID. -----Original Message----- From: ext hhlow [mailto:[EMAIL PROTECTED] Sent: Monday, January 19, 2004 1:50 AM To: Tomcat Users List Subject: Using JDBC Realms Hi, How can i group my users to 3 categories? that is : general users administrator registered users general users have no information stored in the car database whereas administrator and registered users have some kind of information stored in the car database general users can do select statements only registered users can do select, insert, update to the car database adminstrator have all the access to the car database Scenario ------------- Tom - general user He have no data in the database but he can do query on the car database Jack - registered user He have his information stored in the database, can do insert of information and updating information ot the car database Tim - administrator He have his information stored in the database, can do anything to the car database Anyone please give me a rough idea how is this possible. Thank you. Clement --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]