I have a JSF 2 page based on Facelets and use Spring Security 3.0.5 behind the application. When I put some tags like this within my page:
the X will display at runtime anyway with any role. The auto completion feature of my eclipse work correctly to show the "sec:" tags and their properties at programming time. what's the problem?
<sec:authorize access="hasRole('SS')" >
<h:outputText value="X" />
The source of rendered html is like this:
This is the jar file that is in my WEB-INF/lib/: