Dyanamic Authorization Architecture


General J2EE: Dyanamic Authorization Architecture

  1. Dyanamic Authorization Architecture (2 messages)

    Can anyone suggest an architecture for doing the following:

    Many different users with different roles will be hitting the same Servlet. The resulting JSP's content needs to be based on the role of the user.

  2. Can you give a concrete example or more detail?

  3. the Rolw specific JSP can be accomplished by including it in your control servlet configuration... i'm guessing you are using servlets as Control entities.... since i do not know any specific details.... of how and what is configured in this app i'll give a general example...




          <operation uri="/myApp/PsychedOp">

            <actionref ref="PsycedActionPart1"/>

                <view role="jr_manager">jrPsyched.jsp</view>
                <view group="super_users">suPsyched.jsp</view>

    so you have a simple flow control routes the output to a specified view based on the role of the user or the group to which the user / role belongs....