Jun 19th, 2009, 03:23 PM
Hi Folks -
I'm sure this is covered somewhere in the forum, but I couldn't find and appropriate search to yield an answer - so I apologize if this has been covered before.
I have a single .war file that handles multiple domains. Each domain might serve a page with the same URL, but the security requirements on them might be different.
For example, sitea.com might have
<intercept-url pattern="/products.html" access="ROLE_SITE_USERS"/>
Where siteb.com might have
<intercept-url pattern="/products.html" access="ROLE_ANONYMOUS"/>
Since it's a single war file, is there a way to tell the pattern to inspect the incoming domain name, or another attribute available to handle the problem?
<intercept-url pattern="sitea.com/products.html" access="ROLE_SITE_USERS"/>
<intercept-url pattern="products.html" domain="sitea.com" access="ROLE_SITE_USERS"/>
Any help very much appreciated.
Jun 20th, 2009, 01:35 PM
You will probably have to use a traditional bean configuration here. You are essentially changing the behaviour of the ObjectDefinitionaSource (SecurityMetadataSource in 3.0) which is used with the FilterSecurityInterceptor - it would return a different list of attributes depending on your "domain" value. So you will have to customize the standard implementation (or write a new one) and inject that into the interceptor.
Jun 22nd, 2009, 03:46 PM
Thanks a lot, Luke -- I appreciate the reply.