Sometimes we want to show specific content to different users based on their roles, like show system links to admins only. Spring Security provided JSP tags to solve this problem.
General syntax:1
2
3<security:authorize access="hasRole('MANAGER')">
<!-- content in this tag will show according to the authorization -->
</security:authorize>
home.jsp:1
2
3
4
5
6
7
8
9
10
11
12<security:authorize access="hasRole('MANAGER')">
<p>
<a href="${pageContext.request.contextPath}/leaders">LeaderShip Meeting</a>
(Only for Manager peeps)
</p>
</security:authorize>
<security:authorize access="hasRole('ADMIN')">
<p>
<a href="${pageContext.request.contextPath}/admins">LeaderShip Meeting</a>
(Only for Admin peeps)
</p>
</security:authorize>