Equivalent to obsolete attribute <sec: authorize> ifNotGranted

Question

Equivalent to obsolete attribute <sec: authorize> ifNotGranted

I would like to prevent an image having a link if the user does NOT have a specific role. eg.

<sec:authorize ifNotGranted="ROLE_ACCOUNTS" ><img src="someimage.jpg"/></sec:authorize> <sec:authorize ifAllGranted="ROLE_ACCOUNTS" ><a href="somelink.htm"><img src="someimage.jpg"/></a></sec:authorize>

However, if NotGranted and ifAllGranted are now deprecated in favor of an access expression. I see that ifAllGranted can be replicated with:

 <sec:authorize access="hasRole('ROLE_ACCOUNTS')"><a href="somelink.htm"><img src="someimage.jpg"/></a></sec:authorize>

But how can ifNotGranted be replicated using an access method? Any help would be greatly appreciated.

+7

spring-security jsp jsp-tags

arontoms Jun 08 '12 at 17:12

source share

2 answers

If you have many files for updating, I recommend using the regular express to search and replace

find

 <sec:authorize\s+ifAnyGranted="([^"]+)"

replace

 <sec:authorize access="hasAnyRole('$1')"

and search

 <sec:authorize\s+ifNotGranted="([^"]+)"

replace

 <sec:authorize access="!hasAnyRole('$1')"

Hope this saves you some time.

+2

Yu Jiaao Apr 2 '17 at 6:53

source share

axtavt · Accepted Answer · 2012-06-08T18:45:19+0000

The SpEL expression can be canceled using the operator ! :

 <sec:authorize access="!hasRole('ROLE_ACCOUNTS')">...</sec:authorize>

See also:

6. Spring Language (SpEL)

Equivalent to obsolete attribute <sec: authorize> ifNotGranted

More articles: