nerdgirl
发贴: 1
积分: 0
|
于 2006-06-07 22:06
Hi,
Sorry I don't chinese input on my machine now. I am currently working on a project which is still in design phase. Since i am very new to JSP based Web applications, I am kind of stucked in the security part.
I really need some suggestions on how to implement a security control.
The system I am working on has several modes. The security policy is different for differnt modes. For example, If the application is switched to "Maintainence" mode, all web resources can only be accessed by "Admin", all "Users" will be re-directed to an error page telling them the system is under maintainence. And there are some other modes too and the security constraints are different.
Can this be accomplished declaratively in DD? Or we have to do it programmatically?
If we have to it programmatically? In which level we should do the mode checking? If we don't have a frontman controller, do we have to the mode checking in each page?
Please please share some thoughts!!!
Thanks in advance!
|