Jun 20th, 2012, 11:24 PM
AND, OR Conditions for global-method-security>protect-pointcut access in XML
Below is my configuration:
<global-method-security pre-post-annotations="enabled" access-decision-manager-ref="accessDecisionManager">
    <protect-pointcut expression="execution(* com.myService.save(..))"
                      access="ACL_WRITE,ROLE_ADMIN"/>
</global-method-security>
I am using Spring Security 3.1 with ACLs and expecting that access="ACL_WRITE,ROLE_ADMIN" will grant access to a user with ROLE_ADMIN OR ACL_WRITE, but it is working like an AND condition, i.e. granting access only when the user has both ACL_WRITE AND ROLE_ADMIN.
I strictly want to do it in XML and not using annotations. Also, I don't want to grant ACLs to ROLE_ADMIN, because going forward I might want to give the save access to some other ROLEs based on business requirements.
How can I solve this? How can I make it work as an OR condition?
Also, I couldn't use EL here. Is there any way I can do something like access="ACL_WRITE or hasRole('ROLE_ADMIN')"?