||Security in Struts: User Delegation Made Possible|
|Subject:||What is the difference to setting the roles at the action level|
Response to: What is the difference to setting the roles at the action level
The article is not about role-based permissions but about delegating permissions to users beloging to the same group but who are in a different role.
The extension i specify here allows for users, like say the Manager of a certain department, to decide if he wants member x of his/her department to be able to view/edit action y. And if member a can view/edit action b. At least that is how it is used on one of the projects in production already ;-)
Please read the article again and hopefully it will all become clear to you.
Hear us Roar