#1
Setting access levels using JSP
I have a website using JSP to connect to an Oracle database. I would like to know how to set access levels to table information. For example, I have a membership table containing member details. I want a member to only be able to VIEW their details and no one else's (restricted access).
In addition to this, I would like one particular member (myself) to be able to VIEW, ADD, UPDATE, and DELETE all member details, and so I will need total access. How do I set these different access levels using JSP?
#2
You don't set it in the JSP, you set it in a permissions table. There are many ways you can do this. One is to assign several static permission levels (Read, Edit, Admin) to users and write code that, for each page, grabs the user's access level and displays only the information he's got access to. You can also be more flexible and provide group privs, assign different privs to different pages/components, etc. In the former case, you'd just add a field to the user table that contains his access level; this is really sort of tiered access rather than modular. In the latter, you'd have a privileges type lookup table mapping, for example "Add Users" and "Add Events" to numeric ids. Then you'd have sort of a matrix table mapping user ids to privilege type ids. All you need to do to put this sort of access control to work is write something that gets the user's privileges into an array and test the array against the current app/page to see what to give the user. This allows for much more granular control than the tiered access.
__________________
Please don't PM me asking for solutions outside the scope of a thread. Keeping all responses in a thread stands to help others who come along later, which is after all what this forum's all about.
#3
I am not the most technical person out there :-) This is my understanding of what you wrote:
1) Access levels should be set at database level (in Oracle).
2) There are many different ways to do this. The first method you mentioned goes something like:
(i) Set static permission levels, e.g.
CREATE table MEMBER (
  MEMBER_ID VARCHAR2(5) NOT NULL,
  NAME VARCHAR2(20) NOT NULL,
  ACCESS_LEVEL VARCHAR2(10),
  PRIMARY KEY (MEMBER_ID));
INSERT into MEMBER VALUES ('M1435', 'ALEX CANTON', 'Read Only');
(ii) The second method you specified used an array - 'gets the user's privileges into an array and test the array against the current app/page to see what to give the user'.
The second method seems a lot trickier. Have I understood the first method correctly?
#4
The second method is a bit trickier and probably isn't necessary unless you want pretty granular control over a person's access (controlling many buttons in a page or tabs in an application, for example). You seem to understand the first method I suggested perfectly. Hope that gets you off and running.
#5
I still have a problem as this does not totally solve my problem. I now have two different sets of access levels, one being 'ADMIN' and the other being 'READ ONLY', which is what I wanted. But I still need the system to only allow members to view their details and no other members' details on the website. How do I solve this? Should I have the members enter a 'username' and 'password' and this combination somehow gets transported into the URL as a POST METHOD retrieving only the member details that match the 'user name' and 'password' entered? Is this possible or is there a better way?
#6
Yes, in order to implement any sort of access control, you'll need to have users login. Consider using either cookies or sessions to maintain state so that once a user enters a username and password, his login is kept alive until timeout X. Then, any time you're showing member details, you add a clause to the WHERE of your query that checks for username in the session/cookie. You might want to look up a tutorial on setting up an authenticated area on a Web site. I imagine there are several such tutorials on this site.
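The session-bound WHERE clause described in reply #6, combined with the ACCESS_LEVEL column from earlier in the thread, as an added example that is not code from any poster. It assumes the login code stored the member's id and access level in the server-side session; the class, method and session attribute names are hypothetical.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class MemberLookup {

    // Decides which MEMBER_ID the query may use.
    // sessionMemberId / sessionLevel: values the login code put in the session, e.g. read in a
    //   JSP with session.getAttribute("memberId") (attribute names are assumptions).
    // requestedId: value from the request (form field or URL), untrusted; null means "my own".
    static String authorizedTarget(String sessionMemberId, String sessionLevel, String requestedId) {
        if (sessionMemberId == null) {
            throw new SecurityException("not logged in");
        }
        if (requestedId == null || requestedId.equals(sessionMemberId)) {
            return sessionMemberId;                 // a member viewing their own row
        }
        if ("ADMIN".equals(sessionLevel)) {
            return requestedId;                     // the admin may view any row
        }
        throw new SecurityException("member " + sessionMemberId + " may not view " + requestedId);
    }

    // Runs the lookup against the MEMBER table from the thread. The id in the WHERE clause
    // is bound as a parameter, never concatenated into the SQL string.
    static String loadName(Connection con, String sessionMemberId, String sessionLevel,
                           String requestedId) throws SQLException {
        String target = authorizedTarget(sessionMemberId, sessionLevel, requestedId);
        try (PreparedStatement ps =
                 con.prepareStatement("SELECT NAME FROM MEMBER WHERE MEMBER_ID = ?")) {
            ps.setString(1, target);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("NAME") : null;
            }
        }
    }

    public static void main(String[] args) {
        // Constructed sample values; M0001 is a made-up admin id.
        System.out.println(authorizedTarget("M1435", "READ ONLY", null));
        System.out.println(authorizedTarget("M0001", "ADMIN", "M1435"));
        try {
            authorizedTarget("M1435", "READ ONLY", "M0001");
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```

The same check belongs in front of every UPDATE and DELETE as well, since the access level is enforced by the application code and not by the table itself.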