Hello Tarek, I'd say front your application with a Servlet Filter that checks for the security of the current page against security runles defined in database/XML and probably cached for the current session to avoid hitting database for every request.
ATTA On 5/25/05, tarek.nabil <[EMAIL PROTECTED]> wrote: > Hi everyone, > > We're building a project using Struts and are about to start on the > security module. The requirements are that security should be fine > grained, which means that it can not be on the module level, but rather > on the JSP or Action level. Actually, the users might ask for security > on the button level, but we intend to push back on that one. > > Are there any widely used approaches or best practices that we can > follow? > > Note that we will not be using J2EE based authentication and security, > which means we have a custom login process. > > Any suggestions are appreciated. > > Thanks > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
