I have configured spring security core plugin using requestmap table inside the database..
Now inside requestmap table I have all the possible urls and it's equivalent roles who can access that url...
Now I want to generate menus and submenus based on the urls stored in requestmap table...
So my requirement is to check the urls of menu & submenus against the logged in users privileges... And if logged in user has any one privilege then I need to display that main menu and the available submenus....
For e.g. I have a menu in my project called user which has a following submenus :
**Users (main menu)**
Manage Users (sub menu)
Import Users (sub menu)
Now inside my header.gsp I have successfully achieved the above requirement using if else condition, like :
if ( privs.contains("/users/manageUsers") || privs.contains("/users/importUsers"))
here privs are the list of urls from requestmap table for logged in user.
But I want to achieve these using spring security tag lib, so for comparing urls I have find following tag from spring security core documentation :
<sec:access url="/users/manageUsers">
But i am bit confuse that how I can replace or condition using tag library.. Is there any tag available which checks from multiple urls and evaluate it to true or false ?
Of course I can do using sec:access tag with some flag logic, but is there any tags available which can fulfill my requirement directly ?
Thanks in advance...
The <sec:access/> tag has an expression attribute which will evaluate the expression you pass it:
http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/guide/6%20Helper%20Classes.html#6.1%20SecurityTagLib
You could also very easily create your own logical tag, which renders the tag body only if your privilege-checking conditional above is true.