Spring security autorisation

Hi,

I have the sso enabled application which does the authentication of user. I need to implement authorization in my applicaiton. The links on my jsp like delete, save should be disabled for the readonly users.

Can anyone please provide the link or any step by step tutorial as how to configure that in my application.

Thanks in Advance.

Yes, you would use the security tag library and just add a tag to your jsp like

<security:authorize ifAnyGranted=“ROLE_ADMIN”>

And remember you have to add the tag library to your jsps with

<%@ taglib prefix="security"
uri="http://www.springframework.org/security/tags" %>

Mark

Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.

paresh doshi wrote:Hi,

Thanks for your reply.

i have one query regd the ROLE_ADMIN, in my case i have the role_mstr table where roles defines are like
1 - Admin
2- Normal User
3 - Read Only User.

Now in this case i need to show/hide links based on the above roles. How to link the above roles to spring security configuration.

Thanks in advance.

Regards,
Paras.

You would use your role names instead. ROLE_ADMIN is just an example. The one key to remember in Spring Security is that you have to prepend ROLE_ in your role names.

Mark