Java Desktop Application and Functionality Autherization

I'm fairly new to java development开发者_运维问答 and I have found myself tasked with implementing a functionality authorization system for a desktop application written in java.

Currently the application requires user authentication at startup and users are authenticated against an active directory server via LDAP.

The application as it stands has no user privillage system in place, once a user is authenticated they have full access to the applications entire functionality.

What I need to do is define a number of user roles or groups which have access to different functionality i.e. user:Alice (of group:Admin) may see menuItem:EditCell in a popup menu for a JTable but user:Bob (of group:Peasant) may not.

It has been suggested that I look into Spring security and method/class annotation but I'm finding it a little difficult to get my head around the information I have found so far.

Is there anyone who has had a similar experience around who might be able to offer some assistance?

Cheers,

I would definitely recommend Shiro over Spring for your use case. Take a look at their website and go through the 10 minute quick guide. You'll be surprised at home much you can get done with simple, straightforward code.

For simple testing you can define roles within Shiro itself, but eventually you are going to want to put all the roles into your LDAP.