Guillermo81
Reputation: 189
How to define a pattern in spring security?
I have this 4 pages:
- project/create.xhtml
- project/load.xhtml
- project/edit.xhtml
- project/details.xhtml
This is the spring security config:
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="//pages/project/[ec].*/" access="hasRole('PROJECT_WRITE')"/>
<security:intercept-url pattern="/pages/project/load**" access="hasRole('PROJECT_READ')"/>
<security:intercept-url pattern="/pages/project/detail**" access="hasRole('PROJECT_READ')"/>
</security:http>
I need to filter pages when its starts with e (for edit) and c (for create) but i don't know. This is the correct regex //pages/project/[ec].*/ but don't work.
is it possible?
Load an detail page work fine but is a easy url.
Thanks!
Upvotes: 0
Views: 106
Answers (1)
John R
Reputation: 2096
You have a trailing slash at the end of the regex. You can also remove one of the slashes at the beginning. Try this:
/pages/project/[ec].*
Upvotes: 1
Related Questions
- Custom Security Expression
- Conditional Spring Security
- Spring 4 security rule definition
- spring authentication filter pattern
- Explicitly secure a specific pattern instead of ignoring all non-secured patterns
- Custom Access Rules for Spring Security
- spring security customisation
- Spring Security - Apply pattern to custom http filter?
- How do I limit the classes that are securable by spring security?
- Spring 3 - Custom Security