一、

What if you wanted to restrict access to certain roles only on Tuesday?

Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER access for the /spitter/me URL pattern:

.antMatchers("/spitter/me").access("hasRole('ROLE_SPITTER')")

This security constraint placed on /spitter/me is equivalent to the one we started
with, except that now it uses SpEL to express the security rules. The hasRole() expres-
sion evaluates to true if the current user has been granted the given authority.

With Spring Security’s SpEL expressions at your disposal, you can do more than just
limit access based on a user’s granted authorities. For example, if you wanted to lock
down the /spitter/me URL s to not only require ROLE_SPITTER , but to also only be
allowed from a given IP address, you might call the access() method like this:

.antMatchers("/spitter/me")

.access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")

SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. Php 操作事务

    PHP来操作数据库 关于事务操作 连接数据 mysql_connect('localhost','root','123'); 设置字符集 mysql_query('set names utf8'); ...

  2. 关于C/C++中的位运算技巧

    本篇文章讲述在学习CSAPP位运算LAB时的一些心得. 移位运算的小技巧 C/C++对于移位运算具有不同的策略,对于无符号数,左右移位为逻辑移位,也就是直接移位:对于有符号数,采用算术移位的方式,即左 ...

  3. Linux一

    1,debian默认需要手动开启SSH连接# Authentication:LoginGraceTime 120PermitRootLogin without-passwordStrictModes ...

  4. How to: Create Your Own Test Certificate (.pfx)

    Original MSDN Link: https://msdn.microsoft.com/en-us/library/ff699202.aspx

  5. Qt实现桌面动态背景雪花飘落程序

            曾经收到过一份礼物,一个雪花飘落的程序,觉得效果很炫,通过前几篇的学习,我们已经掌握了贴图的一些技巧了,那么现在就可以自己实现了(当然你必须先拥有qt信号与槽的基础知识),这里先看效果 ...

  6. Poj 2707 Copier Reduction

    1.Link: http://poj.org/problem?id=2707 2.Content: Copier Reduction Time Limit: 1000MS   Memory Limit ...

  7. 探索 Java 同步机制[Monitor Object 并发模式在 Java 同步机制中的实现]

    探索 Java 同步机制[Monitor Object 并发模式在 Java 同步机制中的实现] https://www.ibm.com/developerworks/cn/java/j-lo-syn ...

  8. 让Dock自动 显示/隐藏 不再有延迟

    Safari 5.2 Mac OS X 10.7.2 <ignore_js_op> 可能很多朋友使用Mac的时候都会选择将Dock隐藏(可以在系统偏好设置-Dock中选择),等到使用的时候 ...

  9. 生成静态页面的PHP类

    生成静态页面的PHP类: 复制代码代码如下: <?php   class html   {    var $dir; //dir for the htmls(without/)    var $ ...

  10. php语法检查方法——命令行模式和代码形式

    1. 命令行形式 php -l /path/to/file.php 2. php代码形式 function php_syntax_check($file){ $code = file_get_cont ...