-
-
Save hendisantika/be88e2cd28f468260b22d5c9fd663a57 to your computer and use it in GitHub Desktop.
Role checking Cheatsheet in Spring security and Thymeleaf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5"> | |
| <div> | |
| <b>Username:</b> | |
| <div sec:authentication="name"> | |
| The value of the "name" property of the authentication object should appear here. | |
| </div> | |
| </div> | |
| <div> | |
| <b>User Roles: </b> | |
| <div sec:authentication="principal.authorities"></div> | |
| </div> | |
| <div> | |
| <b>Role checking:</b> | |
| <div sec:authorize="isAuthenticated()">1. User is authenticated.</div> | |
| <div th:if="${#strings.contains(#authentication.principal.authorities, 'ROLE_ADMIN')}"> | |
| 2. User has authority ADMIN. | |
| </div> | |
| <div th:if="${#authorization.expression('hasAuthority(''ROLE_ADMIN'')')}"> | |
| 3. User has authority ADMIN. | |
| </div> | |
| <div th:if="${#authorization.expression('hasRole(''USER'')')}"> | |
| 4. User has role USER. | |
| </div> | |
| <div sec:authorize="hasRole('USER')">5. User has role USER.</div> | |
| <div sec:authorize="hasAuthority('ROLE_ADMIN')">6. User has authority ADMIN.</div> | |
| <div sec:authorize="hasAuthority('ROLE_ADMIN')">7. User has authority ADMIN.</div> | |
| </div> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment