"Least Privilege" implementation strategy
I am new to Java web programming and want to understand the best practices method of implementing Least Privilege concepts when applied to page designer access.
As I design my 1st app, I foresee a need to have application scope and session scope objects that are accessible by controllers and models but not by page designers. Based on what I have read so far, I have made the following assumptions.
Assumption 1: My understanding so far is that the only way (outside of a database) to share objects across application and session is to use the Attributes maps.
Assumption 2: Once an object has been exposed to the Attributes map, it is automatically available to page markup.
Are the assumptions correct?
What are the best practices for this business need?




