How to create custom methods for use in spring security expression language annotations

From:http://*.com/questions/6632982/how-to-create-custom-methods-for-use-in-spring-security-expression-language-anno

None of the mentioned techniques will work anymore. It seems as though Spring has gone through great lengths to prevent users from overriding the SecurityExpressionRoot. Instead, create a bean like this:

@Component("mySecurityService")publicclassMySecurityService{publicboolean hasPermission(String key){returntrue;}}

Then do something like this in your jsp:

<sec:authorize access="@mySecurityService.hasPermission('special')"><input type="button" value="Special Button"/></sec:authorize>

Or annotate a method:

@PreAuthorize("@mySecurityService.hasPermission('special')")publicvoid doSpecialStuff(){...}

And remember: if you are using Spring and you have to solve a problem by extending classes, overriding methods, implementing interfaces, etc... then you're probably doing something wrong. It's all annotations and xml, that's why we love Spring so much and not (old versions of) EJB.

上一篇:mysql备份、还原数据库(命令行)


下一篇:构建ASP.NET MVC4+EF5+EasyUI+Unity2.x注入的后台管理系统(21)-权限管理系统-跑通整个系统