Hello, everyone,
I was asked twice about the same question:Login.
A project is as follows:
There are different roles in the system: employee, manager, general manager. When they login, a
servlet will dispatch them to different pages. e.g, when employee login, servlet dispatch employee to employee page. Manager login, servlet dispatch manager to manager page.
There are actually two steps in this action, first, it must check the user name, password. Then it must determin the role, then dispatch.
Some say we can use LDAP(Authentation). But LDAP can't determin the role(Authorization).
Some say there is a database table behind the scene. But what are these tables? I heard there are many tables behind the scene.
Some say we can use deployment descriptor. But some books say in real project, we'd better use LDAP or DB.
What are the complete best solutions for this problem?
Best Regards,
Henry