Menu
I want to display some content conditionally based on Roles using Spring Security JSP taglibs. But in Spring Security 3.1.x is checking for only one role.
I can use but ifAllGranted is deprecated.
Any help?
394
hasRole. Determines if the getAuthentication() has a particular authority within Authentication. getAuthorities() . This is similar to hasAuthority(String) except that this method implies that the String passed in is a role.
hasRole(' ') :- this method return true if the current logged in user has the role which we have provided in (' ') section., otherwise false.it will always returns true if the user has the 'admin' role. g_user. hasRoles():- this method return true if current logged in user has any single role atleast.
Description. hasRole([role]) Returns true if the current principal has the specified role. hasAnyRole([role1,role2]) Returns true if the current principal has any of the supplied roles (given as a comma-separated list of strings)
There is a special security expression in spring security:
hasAnyRole(list of roles) - true if the user has been granted any of the roles specified (given as a comma-separated list of strings).
I have never used it but I think it is exactly what you are looking for.
Example usage:
<security:authorize access="hasAnyRole('ADMIN', 'DEVELOPER')"> ... </security:authorize> Here is a link to the reference documentation where the standard spring security expressions are described. Also, here is a discussion where I described how to create custom expression if you need it.
99
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
