why sec:authorize doesn't work?

**nazila** · Jun 20th, 2011, 04:05 AM

I have a JSF 2 page based on Facelets and use Spring Security 3.0.5 behind the application. When I put some tags like this within my page:

Code:

<sec:authorize  access="hasRole('SS')" >
<h:outputText value="X" />
</sec:authorize>

the X will display at runtime anyway with any role. The auto completion feature of my eclipse work correctly to show the "sec:" tags and their properties at programming time. what's the problem?

**Rob Winch** · Jun 20th, 2011, 09:59 PM

What does the html rendered by this page look like?

**nazila** · Jun 21st, 2011, 11:19 PM

Originally Posted by rwinch

What does the html rendered by this page look like?

The source of page is like this:

<sec:authorize access="hasRole('SS')">X</sec:authorize>

**Rob Winch** · Jun 22nd, 2011, 08:46 AM

This means that you do not have the jsp tags setup correctly. One of the easiest things to check is to ensure that spring-security-taglibs-<version>.jar is in your WEB-INF/lib/.

**nazila** · Jun 22nd, 2011, 10:53 PM

Originally Posted by rwinch

This means that you do not have the jsp tags setup correctly. One of the easiest things to check is to ensure that spring-security-taglibs-<version>.jar is in your WEB-INF/lib/.

This is the jar file that is in my WEB-INF/lib/:
http://search.maven.org/remoteconten....5.RELEASE.jar

Thread: why sec:authorize doesn't work?

Thread Tools

Display

why sec:authorize doesn't work?

Tags for this Thread

Posting Permissions