Home Projects Jobs Clientele Contact


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UU: keeping track of user and his access

Alexey Parshin wrote:
> Yes, it is :) We don't have to block object modifications this way. Blocking
> object modifications is implemented on the database level. We just have to
> avoid user confusion, so hiding, for instance, 'Edit' button would do. And,
> if someone is stubborn enough to try navigation by typing Servlet names and
> GET parameters w/o a correct password - he/she deserves a confusion.
> Generally, we're discussing the state of system at the moment when only one
> page (Home) is more or less implemented (security-wise). I've just started
> the process of adding this code two-three days ago.
I understand it's all work in progress. I just want to do it in more
way from the very beginning.

Authoright © Total Knowledge: 2001-2008