java - pass HttpServletRequest in a hasPermission expression -


in spring security config i've got following settings:

    @override       protected void configure(httpsecurity http) throws exception       {           http         .authorizerequests()               .antmatchers("/login.htm", "/signup.htm").permitall()             .antmatchers("/page1.htm", "/page2.htm", "/page3.htm").access("@permission.haspermission(principal.username))     ....     }

the @permission contains method haspermission @component bean decides whether principal username has access pages. in bean use dao methods determine this. however, need more knowledge make decision because it's not single page. instance, there way know page user has requested , pass in haspermission method? in other words, want like:

 .antmatchers("/page1.htm", "/page2.htm", "/page3.htm").access("@permission.haspermission(principal.username, httpservletrequest http))

see 2nd parameter of method. it's http request requested page know whether user requested page1, page2 or page3.. or if cannot pass parameter how can current requested page in implementation of haspermission method?

you should able access using following:

  @override   protected void configure(httpsecurity http) throws exception   {       http         .authorizerequests()               .antmatchers("/login.htm", "/signup.htm").permitall()             .antmatchers("/page1.htm", "/page2.htm", "/page3.htm").access("@permission.haspermission(principal.username,request)) .... }

this due fact websecurityexpressionroot.request property exposed public final variable


Comments

Post a Comment

Popular posts from this blog

javascript - AngularJS custom datepicker directive -

i make custom datepicker directive custom template. but have no idea how start building it... how include date data directive? i appreciate guide or give me advice work on more precisely. it might you! follow below steps html code sample: <label>birth date</label> <input type="text" ng-model="birthdate" date-options="dateoptions" custom-datepicker/> <hr/> <pre>birthdate = {{birthdate}}</pre> <script type="text/ng-template" id="custom-datepicker.html"> <div class="enhanced-datepicker"> <div class="proxied-field-wrap"> <input type="text" ui-date-format="yy-mm-dd" ng-model="ngmodel" ui-date="dateoptions"/> </div> <label> <button class="btn" type="button"><i class="icon-calendar"></i>
Read more

javascript - jQuery date picker - Disable dates after the selection from the first date picker -

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>jquery ui datepicker - default functionality</title> <link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css"> <script src="//code.jquery.com/jquery-1.10.2.js"></script> <script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script> <link rel="stylesheet" href="/resources/demos/style.css"> <script> $(function () { $("#datepicker1").datepicker(); }); </script> <script> $(function () { $("#datepicker2").datepicker(); }); </script> </head> <body> <p>date 1: <input type="text" id="datepicker1"></p> <p>date 2: <input type="t
Read more