We are working on J2EE project where different group of users would have different privileges. Privileges has to be implemented at page/JSP level and also field level(Particular field in the JSP can be visible for particular users only). Same JSP is used for more than one group of users. We have implemented above requirement with role based privileges. When ever new user id is created, that should be assigned to one of the roles provided. After completing phase1 work of the project, privilege requirements have been changed.As per new requirement, administrator would create new user id and assign the page level and field level privileges, no roles and user groups would be provide to administrator. Can anybody through some light on how to implement this kind of dynamic privileges for each user id ? Client is adamant on his new requirement.