users@glassfish.java.net

security roles set up using session variable

From: <glassfish_at_javadesktop.org>
Date: Fri, 23 Jan 2009 09:21:24 PST

Hello All,

I am creating a Java EE application and I have a session level bean called MyApplicationSessionBean.

MyApplicationSessionBean.java has the following:

private String userType;

public String getUserType()
{
    // business logic here to decide what type of user
    // uses database for deciding what type of user
    return userType;
}

userType can be either "admin", "customer", "anonymous" etc...

Now...I have the following link

http://myapplication/myapp/admin.jsp

This link should be viewable and available only for users of type "admin".

So on my site...I have menu tabs and one of the tabs is "Admin Section"...if the user clicks that, he will be going to the admin.jsp link shown above...

What I did is...I made this admin tab available to only admin users using rendered="#{mysessionBean.userType == 'admin'}"

So when a customer logs in, he would not see the tab...

But when the customer goes to the admin.jsp link by typing the URL, he or she can access the page contents...

How can I restrict that...

Thanks

-Amor
[Message sent by forum member 'amorous' (amorous)]

http://forums.java.net/jive/thread.jspa?messageID=327879
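
The post above hides the tab with rendered=, but admin.jsp itself is still served to anyone who requests the URL, so the check has to run on the server for every request. One way to do that is a servlet filter, shown here as an added example that is not part of the original post. It assumes the session-scoped bean is stored in the HTTP session under the name used in the post's EL expression ("mysessionBean") and that its getter is getUserType(); AdminOnlyFilter is a hypothetical class name.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Added example (hypothetical class). Register it in web.xml with <filter> and
// <filter-mapping> entries whose url-pattern covers /admin.jsp.
public class AdminOnlyFilter implements Filter {

    // Assumption: the session bean lives in the session under its managed-bean name.
    private static final String BEAN_ATTRIBUTE = "mysessionBean";

    public void init(FilterConfig config) throws ServletException {
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Do not create a session for a visitor who does not have one.
        HttpSession session = request.getSession(false);
        Object bean = (session == null) ? null : session.getAttribute(BEAN_ATTRIBUTE);

        // The user type comes from the server-side bean, never from the request.
        boolean isAdmin = bean instanceof MyApplicationSessionBean
                && "admin".equals(((MyApplicationSessionBean) bean).getUserType());

        if (!isAdmin) {
            // Deny by default: no session, no bean, or any other user type.
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        // Keep admin pages out of browser and proxy caches.
        response.setHeader("Cache-Control", "no-store");
        chain.doFilter(req, res);
    }

    public void destroy() {
    }
}
```

The filter mapping has to cover every URL through which the page can be reached (for example a JSF servlet mapping as well as the raw .jsp path), otherwise the unmapped path remains open. The rendered= attribute can stay for the menu, but only as a display convenience.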