Is there any way to make a call such as "authorize(user, resource)" that returns a boolean to indicate if the user is authorized? I am looking for a way to programmatically either include or exclude a link on a page depending on whether the authenticated user is authorized to access the link's destination. I have a JNDI realm configured and the relevant <security-constraint> entries and they work great when going to the page directly. However, in the page that references the protected page I only want to display the link if the user is authorized to view it, so that they won't get the "403 - Access to the requested resource has been denied" error if they click on it. Does anyone have any ideas on how to do this in Tomcat 4.*?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
