4.6. Identifying User Roles

RichFaces also lets you check whether the logged-in user belongs to a certain user role with the rich:isUserInRole(Object) function. This function takes a String or a comma-delineated list of Strings, a Collection, etc. as arguments and returns a Boolean value.

As an example, imagine that you need to render some controls only for administrators. To do so, create an administrator role (admin) in your web.xml file. Then implement authorization that assigns the admin role to the user that has logged in as an administrator. Once this has been done, you can use the rich:isUserInRole(Object) function with the rendered attribute of any component. For example:

...
<rich:editor value="#{bean.text}"  rendered="#{rich:isUserInRole('admin')}" />
...

Here, only a logged-in user with an admin role can see the text editor, which will not be rendered for users with other roles.