<p>I have about the equivalent to the following in my jsp. Neither here nor there are displayed!</p> <p>My first foray into Spring Security 3.0.5. I've used 3.0.3 without issue.</p> <pre class="prettyprint"><code><sec:authorize ifNotGranted="ROLE_ACTIVE"> here </sec:authorize> <sec:authorize ifAnyGranted="ROLE_ACTIVE"> there </sec:authorize> </code></pre>

Spring Security Authorize tag always false

I have about the equivalent to the following in my jsp. Neither here nor there are displayed!

My first foray into Spring Security 3.0.5. I've used 3.0.3 without issue.

<sec:authorize ifNotGranted="ROLE_ACTIVE">
    here
</sec:authorize>
<sec:authorize ifAnyGranted="ROLE_ACTIVE">
    there       
</sec:authorize>

Thanks for the insights. I found it was because of the ordering of the filter-mappings. Spring security needs to come before Sitemesh.

Not sure how anyone could have gotten that without me publishing so many seemingly trivial details on the project.

I'll know to post the web.xml in the future. Probably just pay more attention to that being a source of problems.