Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Authorization in JSF based on permission of a component

843842Mar 3 2006 — edited Sep 10 2008

Hello,

I am trying to render components based on a permission.

so let say that
there are following permissions

Admin
Application-Read
Application-Write
Development

I need to set a permission for each component on a page.
Some user can only see the components that are ready only, others can see components that are for read/write users, and Admin person can see all the components that are on the page.

How would i do that in JSF. I have couple ideas that i am doing now, but i know that there are experts that have done this, and there must be an easy way of doing it.

I was thinking of extending my jsf components and add a attribute permission where i would be able to specify one ore more permission for each component(permissionAtt ("Admin,Application-Read"))
based on that i would then render the component by calling something like isAuthorized, which would check the permission of the user and the permission of the component. and then render it if it's true.

but this would mean that i have to modify a lot of components.

is there a easier way of doing this .

Thank you so much JSF experts

Robert

Locked Post

New comments cannot be posted to this locked post.

Locked on Oct 8 2008

Added on Mar 3 2006

#javaserver-faces

8 comments

716 views