Question

我试图获得角色名称（即：ROLE_ADMIN，ROLE_USER）来分配角色的全部视图。我用过这段代码

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    private DataSource dataSource;

    @Value("${spring.queries.users-query}")
    private String usersQuery;

    @Value("${spring.queries.roles-query}")
    private String rolesQuery;


    @Autowired
    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        auth.
        jdbcAuthentication()
            .dataSource(dataSource)
            .usersByUsernameQuery(usersQuery)
            .authoritiesByUsernameQuery(rolesQuery)
            .passwordEncoder(bCryptPasswordEncoder);



    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.
            authorizeRequests()
                .antMatchers("/","/login").permitAll()
                .antMatchers("/users","/roles").access("hasRole('ROLE_ADMIN')").anyRequest()
                .authenticated()
                .and()
                .csrf()
                .disable()
            .formLogin()
                .loginPage("/login").failureUrl("/login")
                .defaultSuccessUrl("/projects")
                .usernameParameter("username")
                .passwordParameter("password")
                .and()
            .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/login").and().exceptionHandling()
                .accessDeniedPage("/access-denied");

    }

     @Override
        public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/webjars/**");
        web.ignoring().antMatchers("/css/**","/fonts/**","/libs/**");
        }



<div th:if="${#authorization?.expression('hasRole(''ROLE_ADMIN'')')}">
            <ul class="nav navbar-nav" >
                <li><a href="/users">Usuarios</a></li>

                <li><a href="/roles">Roles</a></li>

                <li><a href="/professionalExperiences">Experiencia <br />Profesional
                </a></li>

                <li><a href="/professinal_skills">Professional <br />Skills
                </a></li>

                <li><a href="/personal_skills">Personal <br />Skills
                </a></li>

                <li><a href="/projects">Proyectos</a></li>

                <li><a href="/academics">Formacion<br /> Academica
                </a></li>

                <li><a href="/certifications">Cartificaciones</a></li>

                <li><a href="/courses">Cursos</a></li>

                <li><a href="/language_evals">Evaluacion<br /> del idioma
                </a></li>

            </ul>
            </div>

当我尝试登录后运行项目时出现此错误： EL1011E：方法调用：尝试在空上下文对象上调用方法表达式（java.lang.String）我加了一个？在#authorization之后但是同样的问题我正在使用：Spring Boot，thymleaf，Maven，

Answer 1

您可以尝试以下方法吗？

<div sec:authorize="hasRole('ROLE_ADMIN')">

为什么thymleaf无法读取此表达式：“$ {＃authorization.expression（'hasRole（''ROLE_ADMIN''）'）}

1 个答案: