2 Replies Latest reply on Nov 19, 2003 4:07 AM by jimbrady

    How to precheck authorization

    jimbrady Newbie

      Hi,
      I have been searching for ages to try to find how I can precheck access to a URL within an application for the current authenticated user (in order not to display links that the user cannot use). I can't find anything - but I'm sure I saw this once. It must be easy as the container does this without problems.
      Can any body help here?
      Jim Brady

        • 1. Re: How to precheck authorization
          Mike Finn Apprentice

          Jim,
          Not sure if there is a way to do this by actually calling the links in question on every question - at least not without alot of work. This would be a fairly costly approach, anyway.

          A better way to do this is to use a guard in the JSP, to decide whether to show the link or not, based on the user being in the required role. You can do this by using the method isUserInRole(String role), or by creating a custom tag, which has an attribute "role".
          <lib:linkguard role="admin">
          <link....../>
          </lib:linkguard>

          Mike

          • 2. Re: How to precheck authorization
            jimbrady Newbie

            Thanks,
            that is what I have done in the end but I was hoping to avoid that as it means defining the security in two places instead of one.
            Jim Brady