I am planning to use Ext JS for a large application. The application's features are role based. When users log in, they only see the menu and screen features related to them. My
At our company, the jsp loads a configuration object that was created by the server based on the role of the current user. The client side then renders according to that configuration.
It is true that it could be hacked so that the initial object pretends to have more rights than it actually does; however, the hacker would get a security violation on the server when trying to do something he's not allowed to. So basically, the client-side logic that applies security is just for the user's benefit, so he doesn't see more than he can. The server-side checks (when an action is requested) are what actually enforce security.
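The pattern described in this answer, as an added example that is not part of the original post: the server builds a per-role config object, the client renders only what that config lists, and the server still authorizes every requested action from the session's role rather than from anything the client holds. Role names, menu entries and permission strings are constructed for illustration.

```javascript
// Added example (not from the original post): role-based UI config built on the
// server, rendered on the client, with the server enforcing each action.
// Roles, menu entries and permission names below are constructed for illustration.

// Server-side: the single source of truth for what each role may do.
const ROLE_PERMISSIONS = {
  viewer: new Set(['orders:read']),
  clerk:  new Set(['orders:read', 'orders:create']),
  admin:  new Set(['orders:read', 'orders:create', 'orders:delete', 'users:manage']),
};

// Full menu definition; each entry names the permission it requires.
const MENU_DEFINITION = [
  { id: 'orders',    text: 'Orders',       requires: 'orders:read' },
  { id: 'new-order', text: 'New Order',    requires: 'orders:create' },
  { id: 'del-order', text: 'Delete Order', requires: 'orders:delete' },
  { id: 'users',     text: 'Users',        requires: 'users:manage' },
];

// Server: build the config object the page hands to the client at login.
// Only the entries the role may use are included; the 'requires' field stays server-side.
function buildClientConfig(role) {
  const perms = ROLE_PERMISSIONS[role] || new Set();
  return {
    role,
    menu: MENU_DEFINITION
      .filter(m => perms.has(m.requires))
      .map(({ id, text }) => ({ id, text })),
  };
}

// Client: render whatever the config lists. This is a convenience for the user,
// not a security boundary; a user can edit this object in the browser.
function renderMenu(config) {
  return config.menu.map(m => m.text);
}

// Server: authoritative check on every requested action. It consults the role
// stored in the server-side session, never a role or menu the client sent back.
function authorize(sessionRole, action) {
  const perms = ROLE_PERMISSIONS[sessionRole] || new Set();
  if (!perms.has(action)) {
    return { ok: false, status: 403, error: `role '${sessionRole}' may not ${action}` };
  }
  return { ok: true, status: 200 };
}
```

A client that adds "Delete Order" to its own config will see the menu item, but the server's `authorize('viewer', 'orders:delete')` still returns 403 because the session role, not the client object, decides.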