Re: Finegrained access control

2006-02-28 Thread Morten Andersen
Dave Newton skrev: Morten Andersen wrote: Now if I can determine whether the user has logged in. How can I use the request parameters to determine the users role on specific pages? I know that I can invent my own control, it just seems like something many others would need. Any tools availabl

Re: Finegrained access control

2006-02-28 Thread Mark Lowe
On 2/28/06, Dave Newton <[EMAIL PROTECTED]> wrote: > Morten Andersen wrote: > > Now if I can determine whether the user has logged in. How can I use > > the request parameters to determine the users role on specific pages? > > I know that I can invent my own control, it just seems like something >

Re: Finegrained access control

2006-02-28 Thread Dave Newton
Morten Andersen wrote: > Now if I can determine whether the user has logged in. How can I use > the request parameters to determine the users role on specific pages? > I know that I can invent my own control, it just seems like something > many others would need. Any tools available? I still don't

Re: Finegrained access control

2006-02-28 Thread Morten Andersen
Mark Lowe skrev: On 2/28/06, Emmanouil Batsis <[EMAIL PROTECTED]> wrote: Dave Newton wrote: If you want _fine_-grained access control drop Spring on top of Struts and use Acegi. For us not wanting to put yet another framework into the table, any advice and pointers from more

Re: Finegrained access control

2006-02-28 Thread Mark Lowe
On 2/28/06, Emmanouil Batsis <[EMAIL PROTECTED]> wrote: > Dave Newton wrote: > > >If you want _fine_-grained access control drop Spring on top of Struts > >and use Acegi. > > > > > > For us not wanting to put yet another framework into the table, any > advice and pointers from more experienced peop

Re: Finegrained access control

2006-02-28 Thread Emmanouil Batsis
Dave Newton wrote: If you want _fine_-grained access control drop Spring on top of Struts and use Acegi. For us not wanting to put yet another framework into the table, any advice and pointers from more experienced people out there? My usual requirement is operation rights for roles in g

Re: Finegrained access control

2006-02-28 Thread Morten Andersen
Dave Newton skrev: Morten Andersen wrote: This I would implement in RequestProcessor.processActionPerform(...) where I check the users role for the specific page and based on that get the respons taylored for that role and check whether they may do what they intend. RequestProcessor.pr

Re: Finegrained access control

2006-02-28 Thread Dave Newton
Morten Andersen wrote: > This I would implement in RequestProcessor.processActionPerform(...) > where I check the users role for the specific page and based on that get > the respons taylored for that role and check whether they may do what > they intend. RequestProcessor.processRoles? > > Example