Spring Security all rolles except anonymous -

-

hi have spring security application

<http auto-config="true">     <intercept-url pattern="/**" />     <form-login authentication-failure-handler-ref="authenticationfailurehandler" authentication-success-handler-ref="authenticationsuccesshandler" login-page="${loginurl}" authentication-failure-url="${loginurl}" />     <logout logout-url="/logout" invalidate-session="true" success-handler-ref="logoutsuccesshandler" />     <anonymous enabled='false'/> </http>

but anonymous user not intercepted, how can allow roles not role_anonymous?

try is_authenticated_fully:

<intercept-url pattern="/**" access="is_authenticated_fully" />

you can same thing using spel expression:

<http auto-config="true" use-expressions="true">     ...             <intercept-url pattern="/**" access="isauthenticated()" />             ... </http>

all available expressions listed here. in general spel expressions more flexible.


Comments

Post a Comment

Popular posts from this blog

Unable to remove the www from url on https using .htaccess -

-
i want remove www site url. ie. https://www.domainname.com.au https://domainname.com.au . i have tried various .htacces code nothing work me. here present code remove www http not work https. rewriteengine on rewritebase / rewritecond %{http_host} ^www\.(.*)$ [nc] rewriterule ^/(.*)$ http://%1/$1 [r=301,l] rewritecond %{https} off rewriterule ^(.*)$ https://domainname.com.au/$1 [r=301,l] rewriterule ^code-of-conducts/(.*)/$ code-of-conducts.php?type=$1 rewriterule ^parents/post-a-job/(.*)/edit/$ parents/post-a-job.php?action=edit&id=$1 rewriterule ^parents/post-a-job/(.*)/$ parents/post-a-job.php?job_type=$1 rewriterule ^parents/open-jobs/(.*)/delete/$ parents/open-jobs.php?action=delete&id=$1 rewriterule ^parent-profile/(.*)/$ parent-profile.php?id=$1 rewriterule ^parents/job-details/(.*)$ parents/job-details.php?applied_id=$1 rewriterule ^sitterprofile/(.*)/$ sitterprofile.php?id=$1 rewriterule ^sitter/job-board/state/(.*)/page/(.*)/$ sitter/job-board.ph...
Read more