Hi, Could anyone of you give some URLs or ideas about the best way to handle role-based access to pages and parts of pages?
I reworked the authentication-fw flow example into my webapp, so now I have some user information available in a session. I added the protect() function to all pipelines that need protection and I'm able to include parts of pages based on the role of the user. I could of course modify protect() to check the role and decide whether the page can be accessed or not, but I feel I'm spreading the authorization information throughout the application and I'd prefer to keep it together. Any ideas? Bye, Helma van der Linden --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
