一、

What if you wanted to restrict access to certain roles only on Tuesday?

Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER access for the /spitter/me URL pattern:

.antMatchers("/spitter/me").access("hasRole('ROLE_SPITTER')")

This security constraint placed on /spitter/me is equivalent to the one we started
with, except that now it uses SpEL to express the security rules. The hasRole() expres-
sion evaluates to true if the current user has been granted the given authority.

With Spring Security’s SpEL expressions at your disposal, you can do more than just
limit access based on a user’s granted authorities. For example, if you wanted to lock
down the /spitter/me URL s to not only require ROLE_SPITTER , but to also only be
allowed from a given IP address, you might call the access() method like this:

.antMatchers("/spitter/me")

.access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")

SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. FreeMarker-Built-ins for strings

    http://freemarker.org/docs/ref_builtins_string.html Page Contents boolean cap_first capitalize chop_ ...

  2. c/c++读取文件

    #include <iostream> #include <string> #include <fstream> int main() { std::ifstrea ...

  3. windows phone URI映射

    UriMapping用于在一个较短的URI和你项目中的xaml页的完整路径定义一个映射(别名).通过使用别名URI,开发者可以在不改变导航代码的情况下来改变一个项目的内部结构.该机制还提供了一个简单的 ...

  4. CMake基础教程

    如果需要配置和检查我们工程中的所有依赖,那么可以选用CMake工具:但是,这并不是必须的,因为我们可以使用其他的工具或者是IDE(比如Makefiles或者Visual Studio)来配置我们的工程 ...

  5. DTCMS视频模版更改,

    1.去掉style.css中视频的高度 .video-box{ position:relative; width:100%; height:473px; _clear:both; _display:i ...

  6. 数据库(MSSQLServer,Oracle,DB2,MySql)常见语句以及问题

    创建数据库表 create table person ( FName varchar(), FAge int, FRemark varchar(), primary key(FName) ) 基本sq ...

  7. 关于canvas中的jquery

    关于h5,相比前端的同事们都很了解了吧!h5里面有个canvas,现在用的蛮火.但是canvas里面的代码确实是有点繁多,特别是要对于图形做什么操作的时候...我昨天无意间发现了一个canvas的插件 ...

  8. linux 学习笔记3

    ①find -name *.txt //查看当前目录所有文件 .txt 结尾文件 ②whereis *.txt   //查看.txt结尾文件   但不显示 .txt 打包:tar -cf a.tar ...

  9. php三维数组去重(示例代码)

    php三维数组去重的示例代码.  假设叫数组 $my_array; <?php // 新建一个空的数组. $tmp_array = array(); $new_array = array(); ...

  10. ASP.NET工具

    每个开发人员现在应该下载的十种必备工具 发布日期: 7/20/2004 | 更新日期: 7/20/2004 本文自发布以来已经增加了新信息. 请参阅下面的编辑更新. 本文讨论: • 用于编写单元测试的 ...