一、

What if you wanted to restrict access to certain roles only on Tuesday?

Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER access for the /spitter/me URL pattern:

.antMatchers("/spitter/me").access("hasRole('ROLE_SPITTER')")

This security constraint placed on /spitter/me is equivalent to the one we started
with, except that now it uses SpEL to express the security rules. The hasRole() expres-
sion evaluates to true if the current user has been granted the given authority.

With Spring Security’s SpEL expressions at your disposal, you can do more than just
limit access based on a user’s granted authorities. For example, if you wanted to lock
down the /spitter/me URL s to not only require ROLE_SPITTER , but to also only be
allowed from a given IP address, you might call the access() method like this:

.antMatchers("/spitter/me")

.access("hasRole('ROLE_SPITTER') and hasIpAddress('192.168.1.2')")

SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. css3学习笔记之用户界面

    CSS3 调整尺寸(Resizing) CSS3中,resize属性指定一个元素是否应该由用户去调整大小. 这个 div 元素由用户调整大小. (在 Firefox 4+, Chrome, 和 Saf ...

  2. css笔记——inline-block以及空白字符处理

    html <html> <head> <meta http-equiv="Content-Type" content="text/html; ...

  3. C++通过域名获取IP地址的方法;调试通过!

    BOOL GetIpByDomainName(][],int *nCount) { WSADATA wsaData; ]; HOSTENT *pHostEnt; ; struct sockaddr_i ...

  4. linux同步

    1. 内核同步 主要是防止多核处理器同时访问修改某段代码,或者在对设备驱动程序进行临界区的保护. 1 .互斥量 头文件 #include<linux/mutex.h> 初始化方法: 静态初 ...

  5. lex&yacc8--wehter use in C++

    bintree.h:12:1: error: unknown type name ‘using’ using namespace std; ============== bintree.h:28:1: ...

  6. linux 硬盘相关命令学习

    summary: 查看硬盘信息:几块硬盘,品牌,容量 查看分区信息 参考资料: Linux下查看磁盘分区命令详解: http://blog.chinaunix.net/uid-26119273-id- ...

  7. Java使用基本JDK操作ZIP文件以及zip文件的加密、解密等功能

    Java使用基本JDK操作ZIP文件 http://blog.csdn.net/zhyh1986/article/details/7723649 Java解压和压缩带密码的zip文件 http://b ...

  8. [原创] linux课堂-学习笔记-目录及概况

    本学习笔记基于:网易云课堂-linux课堂 课时1Centos 6.4安装讲解46:14 课时2Centos 6.4桌面环境介绍与网络连接04:30 课时3 Linux目录结构介绍及内核与shell分 ...

  9. 定时备份服务器数据库(借助windows任务计划以及mysqldump)

    最近社区多了,考虑到数据的安全性,要每天备份一次数据库,以防万一: linux目前还不是很了解,先用windows的计划任务吧: 大体思路就是 借用windows的计划任务来执行备份远程数据库到本地: ...

  10. 添加打印机的时候怎样说windows没法连接到打印机毛病为0x00000002

    把PrinterExtensionsandNotifications这个服务启动1下试试 PrintSpooler服务停止然后再启用试试