We have a running application with different levels of security. Based on the login we enable/disable access to certain modules. For example there are modules called payments, measures, credits, system etc. Only a user with administrator's rights can see the systems module(tab). This security is role based. Once a user enters a module, we check the access rights of thh role again to show nodes. This is the second level. The third level is whether / what buttons to be shown on top ( add, edit, delete etc). This is giving the user rights to certain operations. We currently have three different levels of security handled by three different code bases. This was done on an adhoc basis as requirements kept coming. Now we are looking at consolidating and refactoring the code. The idea is to handle security at a single place in the system. There will be a public interface which will take an object and decide which security is to be applied and accrodingly call the proper application. Can I get some suggestions on how to go about it by experienced people who have deone similar work in their applications before? May be Prasad DV can throw some light too?
Thanks, Vasu [ January 16, 2003: Message edited by: vasu maj ]