SPRING IN ACTION, 4th Edition Notes - Chapter 9 Securing web applications - 010 - Intercepting requests
1.
What if you wanted to restrict access to certain roles only on Tuesday?
Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER access for the /spitter/me URL pattern:
.antMatchers("/spitter/me").access("hasRole('ROLE_SPITTER')")
This security constraint placed on /spitter/me is equivalent to the one we started
with, except that now it uses SpEL to express the security rules. The hasRole()
expression evaluates to true if the current user has been granted the given authority.


With Spring Security’s SpEL expressions at your disposal, you can do more than just
limit access based on a user’s granted authorities. For example, if you wanted to lock
down the /spitter/me URLs to not only require ROLE_SPITTER, but to also only be
allowed from a given IP address, you might call the access() method like this:
.antMatchers("/spitter/me")
.access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")
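
The two access() rules above in a complete configuration class, together with one way to answer the "only on Tuesday" question using SpEL's T() type operator. This is an added example, not code from the book or from these notes; the class name, the /spitter/tuesday/** pattern, the Tuesday expression, and the formLogin()/permitAll() scaffolding are assumptions, and it targets the WebSecurityConfigurerAdapter API on Java 8 or later.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SpelAccessConfig extends WebSecurityConfigurerAdapter { // hypothetical class name

    // SpEL fragment (assumption, not from the book): true only on Tuesdays.
    // T(...) is SpEL's type operator; dayOfWeek resolves to LocalDate.getDayOfWeek().
    // LocalDate.now() uses the JVM's default time zone, so pin the zone in deployment.
    private static final String TUESDAY =
        "T(java.time.LocalDate).now().dayOfWeek == T(java.time.DayOfWeek).TUESDAY";

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .formLogin()
            .and()
            .authorizeRequests()
                // Matchers are checked in declaration order and the first match wins,
                // so specific patterns are declared before the catch-all.
                .antMatchers("/spitter/me")
                    // Both conditions must hold: the role and the source address.
                    .access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")
                .antMatchers("/spitter/tuesday/**") // hypothetical URL pattern
                    // Role check combined with a time-based condition.
                    .access("hasRole('ROLE_SPITTER') and " + TUESDAY)
                .anyRequest().permitAll();
    }
}
```

hasIpAddress() compares against the servlet request's remote address, so behind a reverse proxy or load balancer it sees the proxy's address rather than the client's. It also accepts CIDR notation such as '192.168.1.0/24'.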