-
FEATURED COMPONENTS
First time here? Check out the FAQ!
I have found that anonymous user has role="ROLE_ANONYMOUS" and name="anonymousUser".
But it's not obviously for me how to check with zk tags whether user signed in or not...
So, this does not work:
<toolbarbutton id="signIn"
if="${sec:isAllGranted('ROLE_ANONYMOUS')}"
label="Sign In"
href="/login.zul"
/>
How to make it work?
Regards,
-Andrey
Hi ady1981
You can try to print the result
<label value="${sec:isAllGranted('ROLE_ANONYMOUS')}"/>
Hi ady1981,
I just tested your code with zkspring 3.0RC release and it worked as you are expecting. If user isn't signed in then "Sign In" toolbar button is displayed and after signing in the button isn't displayed. Can you show me your security configuration file and/or the username to roles mapping?
Thanks
- Ashish
ashishd,
Here is a portion from my applicationContext-security.xml:
<security:global-method-security pre-post-annotations="enabled" /> <security:http auto-config="true"> <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <security:form-login login-page="/login.zul" default-target-url="/index.zul" authentication-failure-url="/accessDenied.zul"/> <security:remember-me/> <security:logout logout-success-url="/index.zul"/> </security:http>
What do You mean by "username to roles mapping" (concerning ANONYMOUS user)?
Regards,
-Andrey
Hi ady1981,
you said "So, this does not work: ..."
<toolbarbutton id="signIn" if="${sec:isAllGranted('ROLE_ANONYMOUS')}" label="Sign In" href="/login.zul" />
By users to roles mapping I meant which user has which roles? For example from our sample code
<authentication-manager> <authentication-provider> <password-encoder hash="md5"/> <user-service> <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" /> <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" /> <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" /> <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" /> </user-service> </authentication-provider> </authentication-manager>
You could also try giving some default role to all your users such as ROLE_USER and try your code with ${sec:isAllGranted('ROLE_USER')} instead.
Thanks
- Ashish
<?taglib uri="/WEB-INF/tld/zkspring/security.tld" prefix="sec"?> ... <toolbarbutton id="signOut" if="${sec:isAllGranted('ROLE_USER')}" label="Sign Out" href="/logout.zul" />
<toolbarbutton id="signOut" if="${sec:isAnyGranted('ROLE_USER')}" label="Sign Out" href="/logout.zul" />
Caused by: java.lang.ClassCastException: java.util.Collections$UnmodifiableRandomAccessList cannot be cast to org.springframework.security.core.GrantedAuthority at org.zkoss.spring.security.SecurityUtil.authoritiesToRoles(SecurityUtil.java:304) at org.zkoss.spring.security.SecurityUtil.retainAll(SecurityUtil.java:368) at org.zkoss.spring.security.SecurityUtil.isAnyGranted(SecurityUtil.java:183)
Asked: 2010-04-15 06:04:46 +0800
Seen: 1,667 times
Last updated: May 01 '10