security jsptaglibs in velocity templates?

[priyavenkat]

Can someone please guide me to use JSPTagLibs in velocity templates. I need to use the security tag lib in velocity templates. I see that it is possible with freemarker. Can someone help me with using security jsptaglibs in velocity templates?

[priyavenkat]

In freemarker we do it using

Code:

<#assign security=JspTaglibs["http://www.springframework.org/security/tags"] />


and when we use the lib within the template we need to use


<@security.authorize ifAnyGranted="ROLE_WHATEVER">
...
</@security.authorize>

Am asking for a similar possible solution in apache velocity templates?

[Rob Winch]

Spring Security does not provide support for Velocity directly. A few options include...Figure out a way to use the taglibs within Velocity. As you mentioned Velocity supports this, but I am not aware of a way to easily do this with Velocity. This would be a question for the Velocity Forums. Alternatively, you can use the core Spring Security APIs to implement Velocity macros. This could be reverse engineered from the source of the jsp taglibs. If you end up finding an answer, it would be nice for you to post on this post for others.

[priyavenkat]

Spring Security does not provide support for Velocity directly. A few options include...Figure out a way to use the taglibs within Velocity. As you mentioned Velocity supports this, but I am not aware of a way to easily do this with Velocity. This would be a question for the Velocity Forums. Alternatively, you can use the core Spring Security APIs to implement Velocity macros. This could be reverse engineered from the source of the jsp taglibs. If you end up finding an answer, it would be nice for you to post on this post for others.

Thanks a lot for the quick response. I confronted this issue with velocity templates yesterday. I shall further work with this and shall keep you posted here when I get the viable solution. Would definitely get back soon

[myrondavis]

Thanks a lot for the quick response. I confronted this issue with velocity templates yesterday. I shall further work with this and shall keep you posted here when I get the viable solution. Would definitely get back soon

I don't know if you got an answer for this, but for the benefit of anyone else searching, you could consider creating a custom VelocityTool where you could implement custom Spring Security logic. For example:

HTML Code:

#if($springSecurityTool.hasRole("ROLE_ADMIN"))
<h2>Admin Content</h2>
#else
<h2>All Other Users Content</h2>
#end

Where $springSecurityTool would be your custom VelocityTool with a method .hasRole that returns true or false whether or not the current user has the role passed as a parameter.

I'm thinking that this should work and will check it out in more detail.