struts-user mailing list archives

From "David Friedman" <>
Subject RE: Wanted API to handle user roles
Date Mon, 03 Nov 2003 17:14:21 GMT
Try this:

I just wish there were a way to update (add/remove)
roles during production.  That way, I could switch
an administrator to a client's ID and fix something
for the client, then switch back.  But, everything
I've seen about roles shows that Tomcat Principals
are read-only, not mutable.


-----Original Message-----
From: news []On Behalf Of Vic Cekvenich
Sent: Monday, November 03, 2003 11:16 AM
Subject: Re: Wanted API to handle user roles

You can use J2EE container security to authenticate the user and for some
high level security.
For low level and complex security, once the user is identified, you can
extend it.
I use JDBC realms with a self join and row level security.
So a user in a certain level of a tree can see for example all content
from Texas. But same user can't see all the rows from NYC. And since it
is stored in a SQL tree... no problem nesting, etc.

It would take too long to explain all the design details, but it should
nudge you in the right direction.

Zsolt Koppany wrote:

> Hi,
> I'm searching for a Java library to implement Role based access in a Web
> application. This API must support some kind of hierarchy. For example a
> user might have all roles in a project (project administrator) but only
> limited (or no) roles in another project.
> As far as I know, Tomcat supports only user based roles, thus a user has a
> role assigned to him everywhere.
> Any suggestion?
> Zsolt

Victor Cekvenich,
Struts Instructor
(215) 321-9146

Advanced Struts Training
<> Server Side Java
training with Rich UI, mentoring, designs, samples and project recovery
in North East.
Simple best practice basic Portal, a Struts CMS, Membership, Forums,
Shopping and Credit processing, <> software, ready
to develop/customize; requires a db to run.

To unsubscribe, e-mail:
For additional commands, e-mail:
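
Added example, not part of the thread and not code from either poster: one way to model the scoped roles asked about and the self-joined tree with row-level filtering described in the reply. SQLite stands in for the database behind a JDBC realm, and every table, column, user and role name below is an assumption made for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE scope (id INTEGER PRIMARY KEY, parent_id INTEGER REFERENCES scope(id), name TEXT);
CREATE TABLE role_grant (username TEXT, role TEXT, scope_id INTEGER REFERENCES scope(id));
CREATE TABLE content (id INTEGER PRIMARY KEY, scope_id INTEGER REFERENCES scope(id), title TEXT);
-- Constructed sample data: a region tree, two grants, three content rows.
INSERT INTO scope VALUES (1, NULL, 'USA'), (2, 1, 'Texas'), (3, 2, 'Austin'), (4, 1, 'NYC');
INSERT INTO role_grant VALUES ('alice', 'reader', 2), ('bob', 'reader', 1);
INSERT INTO content VALUES (10, 2, 'Texas report'), (11, 3, 'Austin memo'), (12, 4, 'NYC report');
"""

# Walk from the requested scope up to the root; a grant on any ancestor applies.
HAS_ROLE = """
WITH RECURSIVE up(id, parent_id) AS (
    SELECT id, parent_id FROM scope WHERE id = :scope
    UNION ALL
    SELECT s.id, s.parent_id FROM scope s JOIN up ON s.id = up.parent_id
)
SELECT EXISTS (SELECT 1 FROM role_grant g JOIN up ON g.scope_id = up.id
               WHERE g.username = :user AND g.role = :role)
"""

# Walk down from every scope the user holds the role on; return rows in those subtrees.
VISIBLE = """
WITH RECURSIVE down(id) AS (
    SELECT scope_id FROM role_grant WHERE username = :user AND role = :role
    UNION
    SELECT s.id FROM scope s JOIN down ON s.parent_id = down.id
)
SELECT c.title FROM content c JOIN down ON c.scope_id = down.id ORDER BY c.id
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def has_role(conn, user, role, scope_id):
    row = conn.execute(HAS_ROLE, {"user": user, "role": role, "scope": scope_id}).fetchone()
    return bool(row[0])

def visible_titles(conn, user, role):
    rows = conn.execute(VISIBLE, {"user": user, "role": role})
    return [title for (title,) in rows]

if __name__ == "__main__":
    db = open_db()
    print(visible_titles(db, "alice", "reader"))
```

Because grants are ordinary rows checked on every call, inserting or deleting a row in role_grant changes the result of the next check without touching the container's Principal.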