Whats the best strategy to implement a basic rights-management in a Web-Application? I need to secure the REST server and also hide the denied parts in the web-client.
I
