Spring Security Tags in JSP and Sitemesh
If you are facing problem with the usage of any of the below tags
<sec:authorize access="isAuthenticated()"></sec:authorize>
<sec:authorize url="/admin/users"></sec:authorize>
in your JSP despite including the security tag library or TLD
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
There could be 2 possible reasons:
//Spring Security Mapping
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
//Sitemesh Mapping
<filter-mapping>
<filter-name>sitemeshFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<sec:authorize access="isAuthenticated()"></sec:authorize>
<sec:authorize url="/admin/users"></sec:authorize>
in your JSP despite including the security tag library or TLD
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
- The security tld which you are referencing could be old. Try and update to the TLD to the correct version of spring-security-web which you are referencing in your project. You can find the latest TLD here.
- After updating the tag library, if you still face any issue, then check the web.xml file for the order of filter definitions. The order of filter definitions:
- Spring Container related
- Spring Security
- Sitemesh.
- Thumb-rule being Spring Security Filter *ALWAYS* needs to be defined before Sitemesh
//Spring Security Mapping
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
//Sitemesh Mapping
<filter-mapping>
<filter-name>sitemeshFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Labels: jsp, sitemesh, spring, spring_security3x, tag_library
posted by vevck at 11/19/2012 06:25:00 PM
0 Comments:
Post a Comment
<< Home