Question

I am planing to start a web-based project that involves user registrations just like forums/CMS, but my barrier is that I have not idea how to implement the so-called role-based access control.

I googled for "role-based access control" and I found in the results books about: Design Patters.

Is this related to what I need? Is there a tutorial about implementing this idea? Is the implementation on database-side or language programming-side?

Any reference? Any title?

Was it helpful?

Solution

Design your tables such that user can have one or multiple role based on your system

Define your access to pages for group

admin.allowed = .*
user.allowed=/home/.*,/profile/.*

in some properties file

Create a Web Filter that reads the user from session and determines the role and sees if the page it is being requested is allowed if not it redirects to some other page


See Also

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top