Security.xml
Judging the permissions of a user: 1. Take an action ID2. Take the role to which the user belongs 3. Deconstrate whether the role allows Action, the security start, the prohibited priority is allowed to allow 4.1 Allow, to determine if the user is forbidden, the Action 4.2 is prohibited, Determine if the user allows the action
Note: 1.Disable: The default value is false. This property is not a must, indicating whether the operation is forbidden to be, for example, user LimitGuest, which is original to belong 4, with a viewUser permission, but disable = "true" can not be used-> < ! - Operation ->
security.dtd <
! Entity% Standardattribute "ID NMTOKEN #Required Name Nmtoken #Required Display Cdata #Required">
! Attlist user-action id nmtokens #Required Disable (true | false)" false ">
