1

I was using waffle and spring security 3.2 to set access to jsf2 pages. I used this example

Everything works fine, but I am curious, if posible to set access to page via xml file for one user??? Something like that:

 <sec:intercept-url pattern="/**" access="PRINCIPAL='tom'" />

I couldn't find answer in internet

Thanks

BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
Darka
  • 2,762
  • 1
  • 14
  • 31

2 Answers2

1

Yes it is possible if you use SpEL expressions:

<sec:http use-expressions="true">
    ....
    <sec:intercept-url pattern="/**" access="principal.name=='tom'" />
    ....
</sec:http>
Maksym Demidas
  • 7,707
  • 1
  • 29
  • 36
  • You are welcome. @Darka, I've seen your edit for my answer that was rejected. You can post `authentication.name` way as a separate answer and accept it. – Maksym Demidas Aug 28 '13 at 15:26
  • thanks again, but I wlll leave your answer. I think it depends from configuration. – Darka Aug 28 '13 at 18:28
0

Using @Maksym answer I found my solution (I think in some cases both can be right) :

<sec:http use-expressions="true">
    ....
    <sec:intercept-url pattern="/**" access="authentication.name=='tom'" />
    ....
</sec:http>
Darka
  • 2,762
  • 1
  • 14
  • 31