I am a beginner in the world of ACL coding.I have no prior knowledge of filters and other concepts and cannot learn that because of time constraints.So I found an alternative way to implement ACL.
I have only 3 users suppose user,admin and sys.
So I just create jsp pages starting with the respective user types and the name of the page.
eg:- "userCheckStatus.jsp" and "sysCreateUser.jsp"
And then i check whether the usertype which is stored in the session matches with the respective page the user is trying to access. I just want to know that is this a good practise and will it provide me with the thing which I am trying to achieve. If not then what is lacking in the above method and please advise me for the same.
Thanks in advance!!!