Nastya Gorobets
Reputation: 197
Spring security tag if user is not authenticated
I use tag <sec:authorize access="!hasAnyRole('ROLE_ADMIN', 'ROLE_USER')">
maybe is other solution ?
Upvotes: 2
Views: 3891
Answers (3)
Vincent Siciliano
Reputation: 11
You can always do it like this:
<sec:authorize access="isAnonymous()">
Upvotes: 1
Morteza Asadi
Reputation: 1855
This code works whether user is logged in or not, and works when using Anonymous Authentication:
<sec:authorize access="isAuthenticated()">
<!-- if user is authenticated-->
</sec:authorize>
<sec:authorize access="!isAuthenticated()">
<!-- if user is not authenticated-->
</sec:authorize>
Upvotes: 6
Max Levitskiy
Reputation: 54
You can use anonymous filter. Something like this:
<bean id="anonymousAuthFilter"
class="org.springframework.security.web.authentication.AnonymousAuthenticationFilter">
<property name="key" value="foobar"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="anonymousAuthenticationProvider"
class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
<property name="key" value="foobar"/>
</bean>
And then check like this:
<sec:authorize access="hasAnyRole('ROLE_ANONYMOUS')">
Here you can find more information: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/anonymous.html
Upvotes: 0
Related Questions
- What is difference between CrudRepository and JpaRepository interfaces in Spring Data JPA?
- How can I sanitize user input with PHP?
- What's the difference between @Component, @Repository & @Service annotations in Spring?
- Spring: @Component versus @Bean
- How to configure port for a Spring Boot application
- How to list all tags along with the full message in git?
- How should I ethically approach user password storage for later plaintext retrieval?
- Spring Security sec:authorize throw exception
- Grails Spring Security plugin - modify logged in user's authorities
- spring security and using CustumUserDetails