Hi Danny When the user logs in, he can work with say 10 JSP pages in the application, each page works on different table in the DB (so each page can give a user a maximum of 4 links to the DB table) - do you mean that the PERMISSIONS property will hold 40 permission flags (10*4)?
I'm not sure I understand the User bean structure, can you please send it? Thanks a lot Rivka -----Original Message----- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Danny Lee Sent: Wednesday, January 11, 2006 3:48 PM To: user@struts.apache.org Subject: Re: Enabling links according to user's authorization Do it simple, put a User bean into session scope just after user loged-in. Every user have a User.PERMISSIONS property. Then in JSP you do surround the links with JSTL <c:if or Struts <bean:logic looking at ${User.PERMISSIONS}. If they OK, you show the link, otherwise not. In all Actions you check the User too, and if there a problem (which means he put the forbiden action URL manually) you just redirect him to playboy.com ;) Cheers, Danny --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]