Could anyone please let me know if there is a good article or book on implementing a robust EJB application with a role-based architecture? I need to develop a complex application where users in particular groups have distinct functionalities, and I need to control those functions in the menus that I display to the user. We are using an LDAP server to maintain the user and group information and the WebLogic app server.
We have users in our system, but each one can have all or a part of the rights to use the business logic. For this we have an ACL (access control list) with permissions:
Possible entries are defined in the ACL_Entry table. In our system the admin can create groups. To each group are assigned acl_entries. And each user in our system can be added to one or more groups. On each call of each method in the session facade we check for the needed ACL and permission for the given user.
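
The group-to-ACL-entry check described in the reply above, as an added example that is not part of the original posts or the poster's system. The resource and permission names, the `AclService` and `InvoiceFacade` classes, and the in-memory maps (standing in for the ACL_Entry table and LDAP groups) are all assumptions; the caller name is passed as a parameter so the code runs without an EJB container.

```java
import java.util.*;

public class AclDemo {
    // Constructed for illustration: the post does not list its permissions.
    enum Permission { READ, WRITE }
    record AclEntry(String resource, Permission permission) {}

    static class AclService {
        private final Map<String, Set<AclEntry>> groupEntries = new HashMap<>();
        private final Map<String, Set<String>> userGroups = new HashMap<>();
        void grant(String group, String resource, Permission p) {
            groupEntries.computeIfAbsent(group, k -> new HashSet<>()).add(new AclEntry(resource, p));
        }
        void addUserToGroup(String user, String group) {
            userGroups.computeIfAbsent(user, k -> new HashSet<>()).add(group);
        }
        // Deny by default: unknown users, unknown groups and missing entries all fail.
        boolean isAllowed(String user, String resource, Permission p) {
            AclEntry needed = new AclEntry(resource, p);
            for (String g : userGroups.getOrDefault(user, Set.of()))
                if (groupEntries.getOrDefault(g, Set.of()).contains(needed)) return true;
            return false;
        }
        void require(String user, String resource, Permission p) {
            if (!isAllowed(user, resource, p))
                throw new SecurityException(user + " lacks " + p + " on " + resource);
        }
    }
    // Stand-in for a session facade: every business method checks before doing work.
    static class InvoiceFacade {
        private final AclService acl;
        InvoiceFacade(AclService acl) { this.acl = acl; }
        String approveInvoice(String caller, int id) {
            acl.require(caller, "invoice", Permission.WRITE);
            return "invoice " + id + " approved by " + caller;
        }
    }
    public static void main(String[] args) {
        AclService acl = new AclService();
        acl.grant("clerks", "invoice", Permission.READ);
        acl.grant("managers", "invoice", Permission.WRITE);
        acl.addUserToGroup("alice", "managers");
        acl.addUserToGroup("bob", "clerks");
        InvoiceFacade facade = new InvoiceFacade(acl);
        System.out.println(facade.approveInvoice("alice", 7));
        // The menu uses the same check to hide items; the facade check is what enforces it.
        System.out.println("show Approve to bob? " + acl.isAllowed("bob", "invoice", Permission.WRITE));
        try { facade.approveInvoice("bob", 7); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
    }
}
```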