aspose file tools*
The moose likes Spring and the fly likes Some weird (for me) aspects of Spring Tiles Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Some weird (for me) aspects of Spring Tiles" Watch "Some weird (for me) aspects of Spring Tiles" New topic
Author

Some weird (for me) aspects of Spring Tiles

Robert Raps
Ranch Hand

Joined: Mar 13, 2013
Posts: 30
Part 1 - Menu.jsp, which is appended to template.jsp


QUESTION:
If i remove these 2 rows, which wrap <div id="login">: <sec:authorize access="isAnonymous()"></sec:authorize>,
then i can see this div in generated html from template.jsp otherwise i can't.

Part2. Secure-spring.xml without dtd)


Part 3 - root-context.xml.
<import resource="secure-spring.xml"/> is present
Spring security dependcies in pom are present too.


I am new to spring and not very experienced in jstl. So, don't throw stones at me)

Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1666
    
    7

The first thing that stands out at me is your intercept url

<intercept-url pattern="/*" access="permitAll" />

you probably meant to write /** but either way you are not protecting anything. Order matters with this and you should default to protected. Typically the last entry in the list should be

<intercept-url pattern="/**" access="denyAll" /> or
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />

This way if you add a new pattern it is by default protected. You should specify other patterns before this one like permitAll on /resources/** for you static content etc.


[How To Ask Questions][Read before you PM me]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Some weird (for me) aspects of Spring Tiles