States, transitions, and entire flows can be secured in Spring Web Flow by using the <secured> element as a child of those elements. For example, to secure access to a view state, you might use <secured> like this:

 <view-state id="restricted">

     <secured attributes="ROLE_ADMIN" match="all"/>

 </view-state>

As configured here, access to the view state will be restricted to only users who are granted ROLE_ADMIN access (per the attributes attribute). The attributes attribute takes a comma-separated list of authorities that the user must have to gain access to the state, transition, or flow. The match attribute can be set to either any or all . If it’s set to any , then the user must be granted at least one of the authorities listed in attributes . If it’s set to all , then the user must have been granted all the authorities.You may be wondering how a user is granted the authorities checked for by the <secured> element.

SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-007-给flowl加权限控制<secured>的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-004-Pizza例子的用户流程(flowExecutionKey、_eventId_phoneEntered、flowExecutionUrl )

    一. 1. 2. 3.customer-flow.xml 自己定义customer,最后output <?xml version="1.0" encoding="U ...

  2. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-003-Pizza例子的基本流程

    一. 1. 2.pizza-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flow xml ...

  3. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-002-SpringFlow的组件(state\<transition>\<var>\<set>\<evaluate>)

    一. In Spring Web Flow, a flow is defined by three primary elements: states, transitions,and flow dat ...

  4. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-001- 配置SpringFlow(flow-executor、flow-registry、FlowHandlerMapping、FlowHandlerAdapter)

    一. 1.Wiring a flow executor <flow:flow-executor id="flowExecutor" /> Although the fl ...

  5. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-006-Pizza例子的支付流程

    一. 1. 2.payment-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flow x ...

  6. SPRING IN ACTION 第4版笔记-第八章Advanced Spring MVC-005-Pizza例子的订单流程()

    一. 1.订单流程定义文件order-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flo ...

  7. SPRING IN ACTION 第4版笔记-第十一章Persisting data with object-relational mapping-006Spring-Data的运行规则(@EnableJpaRepositories、<jpa:repositories>)

    一.JpaRepository 1.要使Spring自动生成实现类的步骤 (1)配置文件xml <?xml version="1.0" encoding="UTF- ...

  8. SPRING IN ACTION 第4版笔记-第十章Hitting the database with spring and jdbc-003-四种方式获取DataSource

    一.概述 1.Spring offers several options for configuring data-source beans in your Spring application, i ...

  9. SPRING IN ACTION 第4版笔记-第十章Hitting the database with spring and jdbc-001-Spring对原始JDBC的封装

    1.spring扩展的jdbc异常 2.Template的运行机制 Spring separates the fixed and variable parts of the data-access p ...

随机推荐

  1. Android开发之如何保证Service不被杀掉(前台服务)

    序言 最近项目要实现这样一个效果:运行后,要有一个service始终保持在后台运行,不管用户作出什么操作,都要保证service不被kill.参考了现今各种定制版的系统和安全厂商牛虻软件,如何能保证自 ...

  2. int组成时间值

    int startYear = int.Parse(DateTime.Now.Year.ToString()); int startMouth = int.Parse(DateTime.Now.Mon ...

  3. 提高 Discuz 门户文章被百度收录的方法

    如果你了解 SEO,你就该清楚使用 canonical URL 标签可以固定网页标准地址,可以提高网页的权重,有利于搜索引擎收录. 例如我的网站拥有两个子域名www.bbseat.com.cn和bbs ...

  4. php代码加密|PHP源码加密——实现方法

    Encipher - PHP代码加密 | PHP源码加密下载地址:https://github.com/uniqid/encipher 该加密程序是用PHP代码写的,加密后代码无需任何附加扩展,无需安 ...

  5. c#中sqlhelper类的编写(一)

    在.net平台的项目开发中,凡是用到数据库交互的,都有必要了解SqlHelper类的原理. 步骤一: 我就拿WPF项目开发作为例子.首先要新建一个App.config(应用程序配置文件).注意,在VS ...

  6. 辛星Spring4.x教程开放下载了

    下载地址:  https://pan.baidu.com/s/1kVSAYeb

  7. C# - 高级方法参数

    可选参数 -必须有个默认值,默认值必须是字面值,常量值,新对象实例或者默认值类型值. public List<string> GetWords( string sentence, bool ...

  8. jq 7种实例化

    $(html) ->$(array) $(html,{}||$(...)) $(#id) $(expr,$(...)) $(expr,context) $(dom) $(function(){} ...

  9. python学习笔记19(序列的方法)

    序列包含有宝值 表(tuple)和表(list).此外,字符串(string)是一种特殊的定值表,表的元素可以更改,定值表一旦建立,其元素不可更改. 任何的序列都可以引用其中的元素(item). 下面 ...

  10. UILabel 根据内容的多少来计算label的frame

    self.label.text = @"...."; 计算 frame 的最新方法 //1.设置lable最大显示行数 self.label.numberOfLines = 0; ...