I am developing a JSF application, and the archive (war) will be provided to several clients and will be separately deployed on their own Tomcat servers. It is just a front-end application, and it uses web services to communicate with a remote server.
In my application JSF some tabs and panels are displayed conditionally in accordance with ORG_IDand Rolesauthorized user. All these restrictions are written on the .xhtmlpages as EL:
<rich:tab header="Registration" rendered="#{permissionController.hasSuperRole()}"/>
Because this application is deployed on client premises, they can edit files .xhtmland remove these restrictions. Is there a way to overcome this problem by encrypting the xhtml files, checking the last modified date ...?
source
share