how to hide menu options in jsp/html pages according to user logged in

Question

I menu option according to the user logged in.

I have created a simple login page with header.jsp, footer.jsp, user bean, servlet and dao. In header.jsp I have created menu options that contains AddDayWork, WeekTimeSheet, AddNewEmployee, RetrieveTimeSheet buttons for admin & manager. And for employees only AddDayWork, WeekTimeSheet buttons must be shown. If the login user is not admin or manager I don't want them to have access for AddNewEmployee, RetrieveTimeSheet buttons. please help

header.jsp

    <div class="nav">      

  <ul><li class="container"><img src="${pageContext.request.contextPath}/images/enabling.jpg" /></li>
  <li class="current"><a href="daywise.jsp">DayWise TimeSheet </a></li>
  <li><a href="timesheet.jsp">Weekly TimeSheet</a></li>
  <li><a href="newuser.jsp">Add New Employeer</a></li>
  <li><a href="retrieve.jsp">Retrieve TimeSheet</a></li>
</ul>
</div>

Index.jsp

<table>  
            <tr>  
                <td>User ID</td>  
                <td><input type="text" name="Emp_id" required="required" /></td>  
            </tr>  
            <tr>  
                <td>Password</td>  
                <td><input type="password" name="Pwd" required="required" /></td>  
            </tr>  
            <tr>  
                <td><input type="submit" value="Login" /></td>  
            </tr>  
        </table>  

LoginServlet.java

public void doGet(HttpServletRequest request, HttpServletResponse response)    
        throws ServletException, IOException {    


    response.setContentType("text/html");    
    PrintWriter out = response.getWriter();    

    String n=request.getParameter("Emp_id");    
    String p=request.getParameter("Pwd");   


    HttpSession session = request.getSession(false);  
    if(session!=null)
    session.setAttribute("name", n);  

    if(LoginDao.validate(n,p)){    
        RequestDispatcher rd=request.getRequestDispatcher("timesheet.jsp");    
        rd.forward(request,response);    
    }    
    else{    
        out.print("<p style=\"color:red\">Sorry Employee ID or password error</p>");    
        RequestDispatcher rd=request.getRequestDispatcher("index.jsp");    
        rd.include(request,response);  

    }    

    out.close();    
}
 protected void doPost(HttpServletRequest request,
        HttpServletResponse response)
        throws ServletException, IOException {
    doGet(request, response);
}

LoginDao.java

public class LoginDao { 

public static boolean validate(String name, String pass) {  

    boolean status = false;  
    PreparedStatement pst = null;  
    ResultSet rs = null;
    try{  
            Connection conn=ConnectionProvider.getConn(); 

        pst = conn.prepareStatement("select * from employee where Emp_id=? and Pwd=?");  
        pst.setString(1, name);  
        pst.setString(2, pass); 

        rs = pst.executeQuery();  
        status = rs.next();  

    } catch (Exception e) {  
        System.out.println(e);  
    } 
 return status;  
}  
}  

Answer 1

You have to create RBS (ROll Based System) 1. create a table to store the rolls of user 2. match with roll and write the code in if else statement ex:- //For admin

if(rollId == 1){
//  write code for other admin
}else{
   // write code for other user
 }