0

My web application is using Spring MVC. Each user has multiple roles. Each role has an access level.The access level defines whether user has access to particular screen or not. Also it defines that on a particular screen which fields it can modify?

The relationship between access level, screen and fields is defined in a table right now. Which is really complicated and the only way to Add, remove , update is through scripts.

Can anybody suggest me some other way to do this?

Regards, Pawan.

webdev
  • 598
  • 5
  • 16
  • Use Spring Security, setup some directory service for users/roles (ldap?). Create a general set of roles, assign them to groups in your directory service and put the users in the groups. Use Spring Security JSTL tags in your Views to control form elements based on roles, and use Spring Security annotations on methods in the controller/service to enforce roles on the business logic side. – CodeChimp Mar 27 '13 at 12:06
  • Thanks for the suggestion. But I can not move to LDAP and also I am unable to change my database. Its kind of centralized database for many applications. Do you think using Drools will help? – webdev Mar 27 '13 at 17:21
  • I never used Drools, but in my limited understanding of it I think its just a Business Rules engine. You can use Spring Security with a DB, but your question did not place limits so I went with "best case". LDAP would be the best option, IMO, but I have written plenty of apps that have users and roles in a table. For Spring Security, you would most likely use a custom UserDetailsService to load your user and set the roles. There are loads of howtos on setting up Spring Security using a DB for the user store out on the net. – CodeChimp Mar 27 '13 at 18:01

0 Answers0