This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.
No announcement yet.
Expression-Based Access Control- use wildcard "ROLE_*"Page Title Module
You can use any attributes you want, but the actual interpretation depends on the AccessDecisionManager and the combination of AccessDecisionVoter instances it is configured with. ROLE_ attributes are typically processed by an instance of the class RoleVoter. If you want to do something like this you'd need to write a customized version instead which handler wildcarded role names.
Note that this isn't expression-based access control. In that case the attribute is interpreted as an EL expression. So "ROLE_ADMIN" wouldn't be a valid expression.
Thank you very much. Is there a working example that I could look at. I am kind of new to this topic and it would really help if you can put me in the right direction.
I just wanted to add that I am using LDAP for authentication and authorization. I do not want to use ACL's I have created my custom authorities and they all normally end with either ADMIN or STAFF at the end. so, Please suggest me the best way to get this working.