如何使用!hasRole()配置spring security

时间:2015-12-17 09:44:20

标签: spring security config

我的配置

<!-- NON AUTHENTICATION PAGES -->
    <sec:intercept-url pattern="/" access="permitAll" />
    <sec:intercept-url pattern="/about" access="permitAll" />

    <sec:intercept-url pattern="/admin/user/changepass/**" access="permitAll" />
    <sec:intercept-url pattern="/admin/user/changepass/**" access="isAuthenticated()" />
    <sec:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />        
    <sec:intercept-url pattern="/mochaUser/getUser/**" access="hasRole('ROLE_ADMIN')" />
    <sec:intercept-url pattern="/mochaUser/getUser/**" access="hasRole('ROLE_DEV')" />
    <sec:intercept-url pattern="/user/userblock/add" access="!hasRole('ROLE_FO')" />
    <sec:intercept-url pattern="/user/userblock/delete" access="!hasRole('ROLE_FO')" />
    <sec:intercept-url pattern="/user/userblock/edit" access="!hasRole('ROLE_FO')" />
    <sec:intercept-url pattern="/user/userblock/add" access="!hasRole('ROLE_BO')" />
    <sec:intercept-url pattern="/user/userblock/edit" access="!hasRole('ROLE_BO')" />
什么错了?为什么!hasRole()无效,我仍然会访问!hasRole()中的链接。 对不起,如果我的英语不好 感谢

0 个答案:

没有答案
相关问题
最新问题