Hi,

currently i'm using JSP for presentation layer.
JSP works great with spring security because i can wrap html table columns in <sec> tags i show only columns that logged in user has privileges to see.

Now i'm planing to refactor presentation layer to use javascript DOJO framework and feed tables with JSON using ajax.
My problem is how to limit JSON serialization?
If domain object contains many properties how can i configure serializator to generate JSON witch contains only data from model properties based on current user roles?

Can spring security be used in that way, so i could define access roles on class property level?
If not, are you aware of some framework that has this capabilities?

thx for help,

Marko