Announcement Announcement Module
Collapse
No announcement yet.
<sec:authorize url> tag cant hide in spring secuiry (please give me a real demo) Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • <sec:authorize url> tag cant hide in spring secuiry (please give me a real demo)

    hi all ,

    when I use the spring security 3.1rc2,I find a problem need to help

    I custom the AcessDecisonManager, FilterSecurityInterceptor , InvocationSecurityMetadataSource,UserDetailsServic e and put the user,role and resource url in database and use the <sec:authorize url> tag in UI as bellow:

    <sec:authorize url="/admin.jsp">
    <a href="admin.jsp">enter the admin</a>
    </sec:authorize>

    when I login in with user who not has the authority of access,I find the admin.jsp link not hidden ,it still show in the UI,click the admin.jsp link ,access denied ( which means the authority work well) .

    but I want to know how can I do to make the admin.jsp link hidden when the user has not the authority of accessing the link? if I config the role in security.xml ,and login in with user who not has the authority of access, the <sec:authorize url> hide automatically.

    please give me a detail solution .

  • #2
    Look at the tutorial sample. It is used there.

    Comment

    Working...
    X