sec:authorize doesn't work in spring security 3.2 and jsf

后端未结

关注

 1  1253

情歌与酒 2021-01-11 16:18

When I put some tags like this within my page:
user and admin will display at runtime anyway?
xmlns:sec=\"http://www.springframework.org/security/tags\"
sprin

1条回答

青春惊慌失措 (楼主)

2021-01-11 17:05

To use the Spring Security Facelets Tag Library you'll need to create a .taglib.xml file and register it in web.xml.

Create the file /WEB-INF/springsecurity.taglib.xml with the following content:




    http://www.springframework.org/security/tags
    
        authorize
        org.springframework.faces.security.FaceletsAuthorizeTagHandler
    
    
        areAllGranted
        org.springframework.faces.security.FaceletsAuthorizeTagUtils
        boolean areAllGranted(java.lang.String)
    
    
        areAnyGranted
        org.springframework.faces.security.FaceletsAuthorizeTagUtils
        boolean areAnyGranted(java.lang.String)
    
    
        areNotGranted
        org.springframework.faces.security.FaceletsAuthorizeTagUtils
        boolean areNotGranted(java.lang.String)
    
    
        isAllowed
        org.springframework.faces.security.FaceletsAuthorizeTagUtils
        boolean isAllowed(java.lang.String, java.lang.String)

Next, register the above file taglib in web.xml:


    javax.faces.FACELETS_LIBRARIES
    /WEB-INF/springsecurity.taglib.xml

Now you are ready to use the tag library in your views. You can use the authorize tag to include nested content conditionally:




    
        Lorem ipsum dolor sit amet
    

    
        Lorem ipsum dolor sit amet
    

    
        Lorem ipsum dolor sit amet

You can also use one of several EL functions in the rendered or other attribute of any JSF component:

Tested on :

        
            org.springframework.security
            spring-security-taglibs
            3.2.3.RELEASE

0 讨论(0)