Results 1 to 2 of 2

Thread: Displaying links to urls that only a user has access to

  1. Nov 11th, 2010, 07:52 AM #1
    dukethrash
    dukethrash is offline Junior Member
    Join Date
    Mar 2010
    Posts
    12

    Default Displaying links to urls that only a user has access to

    Hello! We are currently in the process of securing our site that uses Spring MVC, jsps, and Spring Security 3.0.3 so that users can only see links to URLs that they have access to via roles. Instead of me going through every jsp and surrounding every link with the <authorize url=""> tag does anyone know a way to somehow intercept a hyperlink while the jsp is handled and either surround it with this tag or simply check the role to decide whether to render the link? There are a lot of links and it seems like there must be a way to do this. Thanks!
    Reply With Quote Reply With Quote
  2. Nov 12th, 2010, 05:38 AM #2
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    A JSP has no concept of HTML structure - it doesn't actually know that it's rendering HTML links - so the only option I can think of is to write a custom link tag which encompasses the authorization logic.

    In practice, it's often not that simple - there is often additional HTML which should be omitted if you're hiding the link.
    Spring - by Pivotal
    twitter @tekul
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules