aspose file tools*
The moose likes Spring and the fly likes Spring security autorisation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring security autorisation" Watch "Spring security autorisation" New topic
Author

Spring security autorisation

paresh doshi
Ranch Hand

Joined: Nov 20, 2006
Posts: 81
Hi,

I have the sso enabled application which does the authentication of user. I need to implement authorization in my applicaiton. The links on my jsp like delete, save should be disabled for the readonly users.

Can anyone please provide the link or any step by step tutorial as how to configure that in my application.

Thanks in Advance.


Thanks.<br />Paresh Doshi<br />SCJP 1.4
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17257
    
    6

Yes, you would use the security tag library and just add a tag to your jsp like

<security:authorize ifAnyGranted=“ROLE_ADMIN”>

And remember you have to add the tag library to your jsps with

<%@ taglib prefix="security"
uri="http://www.springframework.org/security/tags" %>

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
paresh doshi
Ranch Hand

Joined: Nov 20, 2006
Posts: 81
Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17257
    
    6

paresh doshi wrote:Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.


You would use your role names instead. ROLE_ADMIN is just an example. The one key to remember in Spring Security is that you have to prepend ROLE_ in your role names.

Mark
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring security autorisation