Authorization in JSPs

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Authorization in JSPs

David Whitehurst-2
I thought this would work because ... my assumption is that the ROLES are part of the GrantedAuthority?
<sec:authorize access="hasRole('ROLE_ADMIN')">


--
David L. Whitehurst
2932 Tram Road, Fuquay Varina NC 27526
919-605-6529 (mobile)
Reply | Threaded
Open this post in threaded view
|

Re: Authorization in JSPs

David Whitehurst
I shouldn’t have posted here but I think the single quotes may be causing an issue. I was getting the Yikes page but nothing in my console running Jetty.  I fixed this with a deprecated method.  I want to find a better solution.

<sec:authorize ifAllGranted=“ROLE_ADMIN …

The single quotes changed to double.

David


On May 7, 2015, at 11:14 PM, David L. Whitehurst <[hidden email]> wrote:

I thought this would work because ... my assumption is that the ROLES are part of the GrantedAuthority?
<sec:authorize access="hasRole('ROLE_ADMIN')">


--
David L. Whitehurst
2932 Tram Road, Fuquay Varina NC 27526
919-605-6529 (mobile)

Reply | Threaded
Open this post in threaded view
|

Re: Authorization in JSPs

kossel
In reply to this post by David Whitehurst-2
You have to add the use-expressions="true"  in the http TAG in security.xml

for example <http auto-config="true" use-expressions="true">