Logo 
Search:

Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

web application security

  Asked By: Ira    Date: Oct 09    Category: Java    Views: 787
  

I Working In Web Application Using J2EE Which Contain Many Function & Reports
So
I assign to each Function And Report an Id Number
And Set all of That To each user and set all privalage for each user(insert,update,delete,query)
all of that saved into database
The Problem is that .
i need to check user privalage for each function
i need to load the privilage map for each user each time he logs in, i have a relatively large number of functions, so the privilage map is relatively large. what is the optimum way to maintain this map for each user (the number of concurrent users is relatively large) ... i think if i keep it in the session variable it will be very space consuming.
any suggestions?

Share: 

 

2 Answers Found

 
Answer #1    Answered By: Olivia Campbell     Answered On: Oct 09

I am not sure this is the answer to your question.

Consider you have an abstract class User.

User type 1 with whatever privileges and rights is a child of user  and
encapsulates all
its privileges and rights, and of course at run time  you can query the objects
about its
privileges and rights and allow them to do whatever .

User type 2 with whatever privileges and rights is a child of User and
encapsulates all
its privileges and rights, and ……

You mentioned optimum.
My question is optimum for what, memory use, speed, maintainability, scalability
?

What I suggested would give X number  of user types ( predefined, compile time ),
even
though you may have n number of people ( will vary, run time ) doing their
stuff.

 
Answer #2    Answered By: Hariz Burki     Answered On: Oct 09

Make Properties object which best for getting right any time  in any form and reports

 
Didn't find what you were looking for? Find more on web application security Or get search suggestion and latest updates.




Tagged: