Dyanamic Authorization Architecture

Discussions

General J2EE: Dyanamic Authorization Architecture

  1. Dyanamic Authorization Architecture (2 messages)

    Can anyone suggest an architecture for doing the following:

    Many different users with different roles will be hitting the same Servlet. The resulting JSP's content needs to be based on the role of the user.

    Thanks,
    Perry
  2. Can you give a concrete example or more detail?

    Tinou
    www.tinou.com
  3. the Rolw specific JSP can be accomplished by including it in your control servlet configuration... i'm guessing you are using servlets as Control entities.... since i do not know any specific details.... of how and what is configured in this app i'll give a general example...
    <hr>

    <app>
      <actions>

        <action
         name="PsychedActionPart1"
         class="myApp.PAP1"/>

        <action
         name="PsychedActionPart2"
         class="myApp.PAP2"/>
      </actions>

      <operations>
          <operation uri="/myApp/PsychedOp">

            <actionref ref="PsycedActionPart1"/>

            <actionref
             ref="PsycedActionPart1"
             error="GenericError.jsp"/>
            
            <views>
                <view role="jr_manager">jrPsyched.jsp</view>
                <view group="super_users">suPsyched.jsp</view>
                <viewDefault>Psyched.jsp</view>
            </views>
          </actionset>
      </operations>
    </app>
    </hr>

    so you have a simple flow control routes the output to a specified view based on the role of the user or the group to which the user / role belongs....

    chz

    Adi