This content has been marked as final. Show 4 replies
You can create any plsql package and pass the security roles/username from application as parameters to your plsql package and use them in database accordingly. As you have multiple roles per user, you can pass them as ArrayList or Map and in plsql package create a plsql table to read them.
I need to pass not list of roles. I need to pass current role.
For example user have role admin and role accounter. After loggin in he has granted 2 roles. But how can I catch current role, that granted to open current jsf page.
For your question, though user has multiple roles, the page which he is viewing might have authorized to only one user role (check authorization in Jazn file of your application) and as you already know to which role the page is authorized, you can directly pass that specific role to your database package. My point is instead of trying to see user current role, try to get the role to which the page is authorized and use that in your plsql package.
problem comes in case only when user has two roles accountant and manager and both has access to view the page (which is not good practice, user can be either accountant or manager but not both).
Edited by: Ravi Nuka on Apr 4, 2013 10:54 AM
I 'll take you aproach.