Announcement Announcement Module
Collapse
No announcement yet.
@Secured supports exact/wild card/OR / multiple roles match ? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • @Secured supports exact/wild card/OR / multiple roles match ?

    It seems @Secured only support exact multiple role matches

    login user has manager and administrator two roles, but he is denied to invoke method.

    @Secured({"manager","administrator","productdepart ment_poweruser","productdepartment_normaluser"})
    public Collection<? extends Article> getArticlesbyArticleFilter(
    ArticleFilter aFilter) throws ServiceException;

    if i change to @Secured({"manager","administrator"}) which exactly matchs
    with user's roles
    then he could invoke the method.

    My question is

    how does @Secured supports OR relations for multiple roles

    Rgds

  • #2
    I know what is the reason now.
    please dont reply this post

    reason is accessdecisionmanager
    i should use
    <bean id="accessDecisionManager"
    class="org.acegisecurity.vote.AffirmativeBased">

    Comment

    Working...
    X