Richard
Reputation: 1739
Spring Security: conditional logic based on roles
I'm using the Spring security tags to determine if people are authenticated or have roles etc. For example
<sec:authorize access="hasRole('MANAGER')">
I'm struggling to see how to do conditional logic with this though. I want to say something like this (I made the last tags up):
<sec:authorize access="hasRole('MANAGER')">
Hello Mr Manager
</sec:authorize>
<sec:otherwise>
Hello Mr Non-Manager
</sec:otherwise>
Can anyone point me in the right direction please?
Thanks
Upvotes: 2
Views: 2166
Answers (1)
Marek Sebera
Reputation: 40641
I think you already solved this, but to finish the question:
Look at documentation at: Spring Security TagLib
And you can use this snippet:
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
<sec:authorize ifNotGranted="ROLE_USER">
Hello Mr. Anonymous
</sec:authorize>
<sec:authorize ifAllGranted="ROLE_USER" ifNotGranted="ROLE_MANAGER">
Hello Mr. User
</sec:authorize>
<sec:authorize ifAllGranted="ROLE_MANAGER">
Hello Mr. Manager
</sec:authorize>
Upvotes: 2
Related Questions
- Spring Security with roles and permissions
- Conditional Spring Security
- Spring Boot: Data access depending on role
- What would a conditional privilege implementation look like using Spring Security?
- Spring security access with multiple roles
- Spring security, how to restrict user access certain resources based on dynamic roles?
- Spring security: Role based access control
- spring security - dynamic roles
- Setting user roles based on some kind of ownership in Spring Security
- Criteria based authorization check with spring security?