JSF的Spring ACL? [英] Spring ACL for JSF?
问题描述
如何检查JSF页面中的ACL?
对于JSP,我可以使用这样的标签:
<security:accesscontrollist hasPermission="READ" domainObject="${category}">
但是该标签在JSF页面中无法识别.在JSF页面中是否有要执行相同操作的组件?
坦克
是的,您可以使用Spring Security Facelets标记库轻松完成此操作.要进行配置,请参见链接.然后,您可以使用它像这样:
<h:dataTable value="#{customer.orderList}" var="order" rendered="#{sec:areAllGranted('ROLE_USER,ROLE_ADMIN')}">
<h:column>
</h:column>
</h:dataTable>
如果使用Primefaces组件库,则无需进行任何配置,您可以直接使用它.这是链接
以上内容将带您进入要在SID中按角色呈现的集合.但是,即使您甚至拥有域对象的权限,也必须使用带有@PostFilter批注的Spring EL表达式来处理Spring bean中的那些对象.请参阅此 But this tag isnt recognized in JSF pages. Is there an component to do the same in a JSF page? Tanks Yes, you can easily accomplish this by using the Spring Security Facelets Tag Library. To configure that see the documentation at this link. Then you can use it something like this: If you use Primefaces component library then you do not have to configure anything, you can just use it out of the box. Here is the link The above will get you to the Collection that you would be rendering per role in your SID. But if you even have permissions for your domain objects, you have to handle those in your spring beans using Spring EL expressions with @PostFilter annotation See this link . The list would be different for different users and is completely driven by ACL permissions. 这篇关于JSF的Spring ACL?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!<h:dataTable value="#{customer.orderList}" var="order" rendered="#{sec:areAllGranted('ROLE_USER,ROLE_ADMIN')}">
<h:column>
</h:column>
</h:dataTable>
