Announcement Announcement Module
No announcement yet.
Displaying links to urls that only a user has access to Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Displaying links to urls that only a user has access to

    Hello! We are currently in the process of securing our site that uses Spring MVC, jsps, and Spring Security 3.0.3 so that users can only see links to URLs that they have access to via roles. Instead of me going through every jsp and surrounding every link with the <authorize url=""> tag does anyone know a way to somehow intercept a hyperlink while the jsp is handled and either surround it with this tag or simply check the role to decide whether to render the link? There are a lot of links and it seems like there must be a way to do this. Thanks!

  • #2
    A JSP has no concept of HTML structure - it doesn't actually know that it's rendering HTML links - so the only option I can think of is to write a custom link tag which encompasses the authorization logic.

    In practice, it's often not that simple - there is often additional HTML which should be omitted if you're hiding the link.