The J2EE allows to define security pretty well at deployment time on server side component.

So it is easy in a GUI or a servlet to catch any security exception on a method call and display an informative message to the user.

This is fine so far but sometimes, we would like to know before calling the method if the user has sufficient rights. For example to disable a button, ...

Is there anyone having a nice pattern to implement this?