Managing access control programmatically

Posted By:   Mihajlo_Jovanovic
Posted On:   Tuesday, February 4, 2003 07:28 AM

Suppose you have a J2EE application that delivers simple text files to users and it needs to manage access control based on the roles users are assigned (to simplify things, assume authentication is handled by the container and you can look up a user’s roles by using the method isUserInRole() of the HttpServletRequest interface). Could anyone suggest the best way to implement this? Keep in mind that simply declaring security constraints in the deployment descriptor would not be enough, since I have a JSP page dynamically reading the content of the directory where the content text files are stored and which needs to only list the files to which the authenticated user has access.



I was thinking of keeping some type of control file (possibly in XML) specifying roles and the corresponding files they have access to, and then parsing it in the controller servlet and saving the list of files this particular user has access to as a session context attribute. However, since I’m fairly new to the J2EE platform, I’m not sure whether it’s considered good practice to have such a control file in the root directory of the application (or if it even makes sense to store it in XML instead of a simple properties file, since it’s hard to imagine a scenario where such a file would be used by any other application).
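
One way to implement the control-file idea described in the post, as an added example that is not part of the original post. The class name `FileAccessPolicy`, the path `/WEB-INF/file-access.properties` and the `file=role1,role2` line format are assumptions made for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;

/** Hypothetical helper: maps each content file name to the roles allowed to read it. */
public class FileAccessPolicy {
    // Assumed location. The container does not serve files under WEB-INF to clients.
    // Constructed sample line:  report.txt=manager,auditor
    private static final String POLICY = "/WEB-INF/file-access.properties";
    private final Properties rolesByFile = new Properties();

    public FileAccessPolicy(ServletContext ctx) throws IOException {
        InputStream in = ctx.getResourceAsStream(POLICY);
        if (in == null) throw new IOException("missing " + POLICY);
        try { rolesByFile.load(in); } finally { in.close(); }
    }

    /** Deny by default: a file with no entry in the policy is visible to nobody. */
    public boolean isAllowed(HttpServletRequest req, String fileName) {
        // Keys are plain file names; a name containing a path separator is rejected.
        if (fileName == null || !fileName.equals(new File(fileName).getName())) return false;
        String roles = rolesByFile.getProperty(fileName);
        if (roles == null) return false;
        String[] parts = roles.split(",");
        for (int i = 0; i < parts.length; i++) {
            String role = parts[i].trim();
            if (role.length() > 0 && req.isUserInRole(role)) return true;
        }
        return false;
    }

    /** Names in contentDir that the authenticated user may see, for the listing JSP. */
    public List<String> visibleFiles(HttpServletRequest req, File contentDir) {
        List<String> visible = new ArrayList<String>();
        File[] files = contentDir.listFiles();
        if (files == null) return visible; // directory missing or unreadable
        for (int i = 0; i < files.length; i++) {
            if (files[i].isFile() && isAllowed(req, files[i].getName())) {
                visible.add(files[i].getName());
            }
        }
        return visible;
    }
}
```

The servlet that delivers a file should call `isAllowed` again for the requested name instead of trusting the list shown by the JSP or a copy cached in the session, so that a hand-typed file name is checked the same way as a listed one.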
