Do it simple,
put a User bean into session scope just after user loged-in.
Every user have a User.PERMISSIONS property.
Then in JSP you do surround the links with JSTL <c:if or Struts
<bean:logic looking at ${User.PERMISSIONS}. If they OK, you show
the link, otherwise not.
In all Actions you check the User too, and if there a problem (which
means he put the forbiden action URL manually) you just redirect him to
playboy.com ;)
Cheers,
Danny
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
