• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
Sheriffs:
  • paul wheaton
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Piet Souris
Bartenders:
  • Mike London

Doing User Authentication and Authorization in Spring Boot.

 
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!

I am creating an application which requires 3 user roles:

Admin, Manager and User.

I have 2 web pages:

CRUD users webpage, view and edit Other Info webpage.

Admin role can have all CRUD use cases as well as the Other Info webpage. Manager can have Read and Edit Other Info web pages and User can view Other Info only.

I have read up some tutorials but I have some queries:

1) In the view and edit other info webpage, how can I differentiate between Manager and User? I mean the edit icon will be hidden from the User. How to achieve this in the webpage?
2) How can I stop User in Spring Boot from using POSTMAN to edit the Other Info web page?
3) How can I hide the CRUD user webpage hyperlinks from the Manager & User? What if they type in the URI in the address bar and access the CRUD webpage? How would Spring Boot manage this?

Thanks for your help.
 
Saloon Keeper
Posts: 26554
187
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Likes 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
https://spring.io/guides/gs/securing-web/
 
reply
    Bookmark Topic Watch Topic
  • New Topic