How to dynamically decide <intercept-url> access attribute value in Spring Security?
问题 In Spring Security we use the intercept-url tag to define the access for URLs as below: <intercept-url pattern="/**" access="ROLE_ADMIN" /> <intercept-url pattern="/student" access="ROLE_STUDENT" /> This is hard coded in applicationContext-security.xml . I want to read the access values from a database table instead. I have defined my own UserDetailsService and I read the roles for the logged in user from the database. How do I assign these roles to the URL patterns during runtime? 回答1: The