Hi,

in my application, a (externally authenticated) user is signed in to one of several "projects". These have urls like

/projects/project1/...

Is there a way to use <intercept-url /> to control access to projects? For I'm currently exposing the project as an attribute on the principal, so what I'm aiming for is something along the lines of

<intercept-url pattern="/projects/{projectId}/**" access="principal.project==$projectId" />

Alternatively, I guess I could expose the projectId as a role:

<intercept-url pattern="/projects/{projectId}/**" access="hasRole($projectId)" />

Since the projects are created from within the application, I don't know their Ids in advance. Is there a way to capture the path element and re-use it in the web security expression?

Thanks,
--Christopher