Rightsmanagement - Visibility - Accessability

I’m new to Vaadin and currently evaluating the pros and cons of Vaadin with respect to an application I want to migrate from desktop to web.
The application will be running in an intranet environment.
I have to provide a quite complex rightsmanagement.
Currently (in the desktop version), there is some kind of template/full version of every inputform (consisting of listboxes, texfields etc.). Depending on the user logged in, only parts of the inputform are set visible.
The parameters, which fields are visible to which user, are stored in a database. From time to time the visibilityproperties for some users may change, or new users may be added. As the visibilityparameters are loaded from the database with each start of the desktop application, the changes take effect with the next start of the program. So even for the web based application, no live-changes of visibility are required, it’s enough if the changes take effect with the next login. The same as for visibility goes for read-only-access.
What way would you suggest me to go, to convert the desktop application into a web application with respect to the rightsmanagement.

I thought about extending every type of field used (textfield, radiobutton, etc.) and overwriting the isVisible and isReadOnly functions, putting some code in it, which checks in the database whether the field is visible to the current user.
If I set the visibility to false, is the field then absolutly invisible and !inaccassible! to the user, or could he still find it using something like Mozilla Firebug?
Another way I’m thinking about is to put every fieldinitialization in the code in an if-else block which checks whether the field is visible to the user.
But this would produce loads of redundant code.

Can you imagine of other, better ways to do this than the ones I suggested?
Thanks in advance,

Have a nice day,


Hi. Take a look at the
, especially its
modules. You could use those to manage your user permissions. To actually limit the visible fields in a form, you can simple call the
method to specify which fields should be included in the form. The fields you do not specify in this method are
rendered at all, not even as hidden fields, so you don’t have to worry about people accessing them.

Thank you, that’s exactly what I was looking for.