• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Spring security autorisation

 
paresh doshi
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have the sso enabled application which does the authentication of user. I need to implement authorization in my applicaiton. The links on my jsp like delete, save should be disabled for the readonly users.

Can anyone please provide the link or any step by step tutorial as how to configure that in my application.

Thanks in Advance.
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, you would use the security tag library and just add a tag to your jsp like

<security:authorize ifAnyGranted=“ROLE_ADMIN”>

And remember you have to add the tag library to your jsps with

<%@ taglib prefix="security"
uri="http://www.springframework.org/security/tags" %>

Mark
 
paresh doshi
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
paresh doshi wrote:Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.


You would use your role names instead. ROLE_ADMIN is just an example. The one key to remember in Spring Security is that you have to prepend ROLE_ in your role names.

Mark
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic