2 Replies Latest reply on Nov 19, 2003 4:07 AM by jimbrady

How to precheck authorization

jimbrady Oct 22, 2003 10:28 AM

Hi,
I have been searching for ages to try to find how I can precheck access to a URL within an application for the current authenticated user (in order not to display links that the user cannot use). I can't find anything - but I'm sure I saw this once. It must be easy as the container does this without problems.
Can any body help here?
Jim Brady

1. Re: How to precheck authorization

mikefinn Oct 28, 2003 5:47 PM (in response to jimbrady)

Jim,
Not sure if there is a way to do this by actually calling the links in question on every question - at least not without alot of work. This would be a fairly costly approach, anyway.

A better way to do this is to use a guard in the JSP, to decide whether to show the link or not, based on the user being in the required role. You can do this by using the method isUserInRole(String role), or by creating a custom tag, which has an attribute "role".
<lib:linkguard role="admin">
<link....../>
</lib:linkguard>

Mike
Actions
2. Re: How to precheck authorization

jimbrady Nov 19, 2003 4:07 AM (in response to jimbrady)

Thanks,
that is what I have done in the end but I was hoping to avoid that as it means defining the security in two places instead of one.
Jim Brady
Actions

Go to original post