Hi All,
I m working on a web project where several
pages are used by variety of user roles (users have different
authorities for the application).
There are few users how have a application login but do not have authority to view some of the pages.
I need to restrict users from getting the restricted pages (not meant for
his/her authority), mearly by typing the url of those pages. I have set in the role id in the session but is there any way that I can secure pages from being accessed by un-authorised users (although having a valid id but no Previliges).
I had thought of adding a verfication on each jsp page but not sure whether it is good in terms of the maintainance and adding pages.
Regards,
Rahul
I m working on a web project where several
pages are used by variety of user roles (users have different
authorities for the application).
There are few users how have a application login but do not have authority to view some of the pages.
I need to restrict users from getting the restricted pages (not meant for
his/her authority), mearly by typing the url of those pages. I have set in the role id in the session but is there any way that I can secure pages from being accessed by un-authorised users (although having a valid id but no Previliges).
I had thought of adding a verfication on each jsp page but not sure whether it is good in terms of the maintainance and adding pages.
Regards,
Rahul