一、

What if you wanted to restrict access to certain roles only on Tuesday?

Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER access for the /spitter/me URL pattern:

.antMatchers("/spitter/me").access("hasRole('ROLE_SPITTER')")

This security constraint placed on /spitter/me is equivalent to the one we started
with, except that now it uses SpEL to express the security rules. The hasRole() expres-
sion evaluates to true if the current user has been granted the given authority.

With Spring Security’s SpEL expressions at your disposal, you can do more than just
limit access based on a user’s granted authorities. For example, if you wanted to lock
down the /spitter/me URL s to not only require ROLE_SPITTER , but to also only be
allowed from a given IP address, you might call the access() method like this:

.antMatchers("/spitter/me")

.access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")

SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. PHP中的变量

    PHP中的变量 程序是由代码与数据两部分组成,数据存储在变量,变量的本质是内存中的一个存储空间.变量对应的空间有一个名子,叫变量名,变量名用于对数据进行读写. 变量的定义 在php变量名之前必须使用' ...

  2. Poj 2262 / OpenJudge 2262 Goldbach's Conjecture

    1.Link: http://poj.org/problem?id=2262 http://bailian.openjudge.cn/practice/2262 2.Content: Goldbach ...

  3. .NET清楚Cookies

    foreach (string cookiename in Request.Cookies.AllKeys) { HttpCookie cookies = Request.Cookies[cookie ...

  4. debian 学习记录-1 -安装

    之前装ubuntu12. 后来没有继续用,图形界面很不错,没有继续学习原因很多: · 没有基础知识支持(拷贝文件都是用鼠标拖动的) · 图形界面很好,导致没有使用命令行,安装驱动什么的都是靠鼠标点击 ...

  5. antuomake 生成configure的使用

    configure 作为编译配置脚本,有大量选项可供不同编译需求,这些选项直 接作用到最终生成的Makefile文件 问题:automake默认的gcc编译选项为-Wall -O2 -g,怎么改为我们 ...

  6. DTcms同一频道需要两种类型的列表模版思路

    放两个列表模版即可,两个模版下的内容都可以访问,同一个内容展示不同的模版,需要什么栏目,链接就写哪个. 对动态链接进行判断,选择 最终效果: 频道URL配置

  7. XML解析之PULL

    在Android中极力推荐的xmlpull方式解析xml. 为什么 STAX 解析方式 效率 好于 SAX ? 1.SAX 无选择性的,所有事件都会处理 解析方式,Stax 由用户控制需要处理事件类型 ...

  8. 类似FirePhp的Chrome.php 调试php

    之前一直用firephp来调试php,主要受限Firefox启动太慢,研究了下chromephp; 写了个简单的判断模版: <?php /** * @Author: Klaus * @Date: ...

  9. WordPress 后台禁用Google Open Sans字体,加速网站

    解决方法很简单,安装启用 Disable Google Fonts 或者 Remove Open Sans font Link from WP core 其中之一即可.或者如果你没有使用WP自带的官方 ...

  10. linux 输入子系统(4)---- input子系统的初始化

    Input子系统的初始化函数为input_init(),如下: static int __init input_init(void) { int err; input_init_abs_bypass( ...