Menu
I have a JSP with Spring Security. I have a simple tag that determines if the user has an ADMIN role like this:
<sec:authorize access="hasRole('ADMIN')">
and works fine. I am now trying to implement across the site with many roles, so I have a UserAccess class with static Strings as constants for all my roles. so I try this:
<sec:authorize access="hasRole(UserAccess.ADMIN)">
But this is throwing:
Field or property 'UserAccess' cannot be found on object of type
'org.springframework.security.web.access.expression.WebSecurityExpressionRoot'
The class is in the classpath, I can access it with <% .. %> etc...
What is the best way to handle this?
602
To reference an instance inside hasRole you need to use the special T operator and use fully qualified name of the class.
<sec:authorize access="hasRole(T(package.UserAccess).ADMIN)">
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
