I have a JSF 2 page based on Facelets and use Spring Security 3.0.5 behind the application. When I put some tags like this within my page:
the X will display at runtime anyway with any role. The auto completion feature of my eclipse work correctly to show the "sec:" tags and their properties at programming time. what's the problem?
<sec:authorize access="hasRole('SS')" > <h:outputText value="X" /> </sec:authorize>