States, transitions, and entire flows can be secured in Spring Web Flow by using the <secured> element as a child of those elements. For example, to secure access to a view state, you might use <secured> like this:

 <view-state id="restricted">

     <secured attributes="ROLE_ADMIN" match="all"/>

 </view-state>

As configured here, access to the view state will be restricted to only users who are granted ROLE_ADMIN access (per the attributes attribute). The attributes attribute takes a comma-separated list of authorities that the user must have to gain access to the state, transition, or flow. The match attribute can be set to either any or all . If it’s set to any , then the user must be granted at least one of the authorities listed in attributes . If it’s set to all , then the user must have been granted all the authorities.You may be wondering how a user is granted the authorities checked for by the <secured> element.

SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-007-给flowl加权限控制<secured>的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-004-Pizza例子的用户流程(flowExecutionKey、_eventId_phoneEntered、flowExecutionUrl )

    一. 1. 2. 3.customer-flow.xml 自己定义customer,最后output <?xml version="1.0" encoding="U ...

  2. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-003-Pizza例子的基本流程

    一. 1. 2.pizza-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flow xml ...

  3. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-002-SpringFlow的组件(state\<transition>\<var>\<set>\<evaluate>)

    一. In Spring Web Flow, a flow is defined by three primary elements: states, transitions,and flow dat ...

  4. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-001- 配置SpringFlow(flow-executor、flow-registry、FlowHandlerMapping、FlowHandlerAdapter)

    一. 1.Wiring a flow executor <flow:flow-executor id="flowExecutor" /> Although the fl ...

  5. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-006-Pizza例子的支付流程

    一. 1. 2.payment-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flow x ...

  6. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-005-Pizza例子的订单流程()

    一. 1.订单流程定义文件order-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flo ...

  7. SPRING IN ACTION 第4版笔记-第十一章Persisting data with object-relational mapping-006Spring-Data的运行规则(@EnableJpaRepositories、<jpa:repositories>)

    一.JpaRepository 1.要使Spring自动生成实现类的步骤 (1)配置文件xml <?xml version="1.0" encoding="UTF- ...

  8. SPRING IN ACTION 第4版笔记-第十章Hitting the database with spring and jdbc-003-四种方式获取DataSource

    一.概述 1.Spring offers several options for configuring data-source beans in your Spring application, i ...

  9. SPRING IN ACTION 第4版笔记-第十章Hitting the database with spring and jdbc-001-Spring对原始JDBC的封装

    1.spring扩展的jdbc异常 2.Template的运行机制 Spring separates the fixed and variable parts of the data-access p ...

随机推荐

  1. jquery-ui 中treegird 逐步加载

    官方网站上没有ajax逐步加载的例子,自己研究了下 js代码 $("#bomStructureTable").treegrid({ url : "systemcontro ...

  2. String inputStream file转化

    String --> InputStreamByteArrayInputStream stream = new ByteArrayInputStream(str.getBytes()); Inp ...

  3. JS基础类型和对象,分别是按值传递还是按引用传递?

    在分析这个问题之前,我们需了解什么是按值传递(call by value),什么是按引用传递(call by reference).在计算机科学里,这个部分叫求值策略(Evaluation Strat ...

  4. css中单位px,em,rem的区别

    1,px像素(Pixel).相对长度单位.像素px是相对于显示器屏幕分辨率而言的. 2,em是相对长度单位.相对于当前对象内文本的字体尺寸.如当前对行内文本的字体尺寸未被人为设置,则相对于浏览器的默认 ...

  5. 如何用命令的方式查看你的Office2010密钥是否是永久的有效

    首先,ctrl+R ,  然后输入cmd,  回车, 进入黑框框 其次,在你的office安装位置下找到这个文件OSPP.VSB,对其右键,查看其属性,复制下它的位置.,接着  就照着下图上的操作吧~ ...

  6. sersync 实时同步工具

    出处:http://code.google.com/p/sersync/ 当前版本的sersync依赖于rsync进行同步.如下图所示,在同步主服务器上开启sersync,将监控路径中的文件同步到目标 ...

  7. 类似FirePhp的Chrome.php 调试php

    之前一直用firephp来调试php,主要受限Firefox启动太慢,研究了下chromephp; 写了个简单的判断模版: <?php /** * @Author: Klaus * @Date: ...

  8. [PHP]set_time_limit — 设置脚本最大执行时间

    (PHP 4, PHP 5) set_time_limit — 设置脚本最大执行时间 说明 void set_time_limit ( int $seconds ) 设置允许脚本运行的时间,单位为秒. ...

  9. C++ 编写 CorelDRAW CPG 插件例子(1)—WelcomeScreen

    据我所知,这是国外论坛最早的一个例子,原贴在此:http://forum.oberonplace.com/showthread.php?t=1880&highlight=Plugins 贴上主 ...

  10. Describe the difference between repeater, bridge and router.

    中继器,路由器,网桥,网关的区别. 路由器:网络层设备,实现复杂的路径选择,控制IP包从源到目的地的路径:根据IP地址进行选路和转发IP数据包 中继器:物理层设备,物理信号的重新生成,对信号进行整形和 ...