Reputation: 26647
How to identify a role with a tag in Spring security?
Is it possible to identify the user role with a tag in spring security? I want to make different links depending on the user role, an admin should get other links than a user and maybe view an altogether different jsp page. Can you tell me how to know user role with a tag e.g. output depending on role?
I have these roles:
<intercept-url pattern="/admin/menu**" access="ROLE_USER" />
<intercept-url pattern="/admin/manage**" access="ROLE_ADMIN" />
But how can I change the routing depending on who is who? I suppose a way to do it is to set the role as a variable at login and then read it with JSP so that I can output one menu for a ROLE_USER and another for ROLE_ADMIN.
Upvotes: 0
Views: 217
Answers (1)
Reputation: 8154
Yes, Spring Security has a JSTL library you can import that has all sorts of nice little tools. The Docs for it can be found here.
Specifically, you want to do something like:
<sec:authorize access="hasRole('ROLE_ADMIN')">
<!-- Some optional code here -->
</sec:authorize>
This will execute the items in between the tags if the user has the role 'ROLE_ADMIN'.
Upvotes: 3
Related Questions
- How to check "hasRole" in Java Code with Spring Security?
- Spring Security: method to check if a user has a Hierarchical Role
- How to access role in JSP using spring security?
- check role of user in <sec:authorize>
- How to know all roles a user has in Spring security
- Accessing Spring Security Role Hierarchy Programatically
- Spring security role assignment
- Spring security How to define custom role name
- Spring security roles
- spring security list of available roles