Application authentication config with jsf and spring-security
Question
I thinking about solution like this:
- different menus for users depend on role which will be included template
- proper
sec:intercept-url's to access only those pages which are dedicated to role, so user with one role won't be able to access pages for another role
What are You thinking about this solution?
masterLayout look like:
<h:body>
<f:subview id="menuUser" rendered="#{sessionBean.user}">
<ui:include src="/WEB-INF/templates/menuBarUser.xhtml" />
</f:subview>
<f:subview id="menuAdmin" rendered="#{sessionBean.admin}">
<ui:include src="/WEB-INF/templates/menuBarAdmin.xhtml" />
</f:subview>
<ui:insert name="content" />
</h:body>
security-context.xml:
...
<sec:intercept-url pattern="/user/**" access="ROLE_USER" />
<sec:intercept-url pattern="/admin/**" access="ROLE_ADMIN" />
...
1 answers
solution1
0 ACCPTED 2011-07-07 10:57:28
I don't know if I catch up your question right, but sounds like you can use Spring Security Facelets Tag Library .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
spring-security force “http” authentication
Spring-Security with two authentication managers
Spring-Security Basic HTML authentication
Active directory authentication with spring-security
spring-security form authentication migration to annotations
Howto integrate spring-social authentication with spring-security?
Spring-security : session-config with COOKIE not working
Spring-Security OAuth2 StackOverflowError using Java config
spring-security java config: How to configure Multiple AuthenticationManager instances
spring-security, java-config: IllegalArgumentException: An AuthenticationManager is required
Related Tags