Forums Register Login

Application security

+Pie Number of slices to send: Send
We have a running application with different levels of security. Based on the login we enable/disable access to certain modules. For example there are modules called payments, measures, credits, system etc. Only a user with administrator's rights can see the systems module(tab). This security is role based. Once a user enters a module, we check the access rights of thh role again to show nodes. This is the second level. The third level is whether / what buttons to be shown on top ( add, edit, delete etc). This is giving the user rights to certain operations. We currently have three different levels of security handled by three different code bases. This was done on an adhoc basis as requirements kept coming. Now we are looking at consolidating and refactoring the code. The idea is to handle security at a single place in the system. There will be a public interface which will take an object and decide which security is to be applied and accrodingly call the proper application. Can I get some suggestions on how to go about it by experienced people who have deone similar work in their applications before? May be Prasad DV can throw some light too?

Thanks,
Vasu
[ January 16, 2003: Message edited by: vasu maj ]
To do a great right, do a little wrong - shakepeare. twisted little ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 672 times.
Similar Threads
Application security
JSF page sequrity
Help with servlets
Web Applications and JAAS
User, Group, Roles for J2ee applications
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 29, 2024 09:36:02.