Spring Security. How, depending on the user's role, perform different methods when requesting an address?

Question

There is a request to the address. It is necessary, depending on the rights of the user, to perform different methods.

@RequestMapping(value = "/currentAsset",method = RequestMethod.GET) @PreAuthorize("hasAuthority('MANAGER')") public Map<String, List> currentAssetManager(Model model){ Map<String, List> stringListMap = new HashMap<>(); //logic return stringListMap; } @RequestMapping(value = "/currentAsset",method = RequestMethod.GET) @PreAuthorize("hasAuthority('BOSS')") public Map<String, List> currentAsset(Model model){ Map<String, List> stringListMap = new HashMap<>(); //logic return stringListMap; }

This option does not work, what a similar solution is Spring 3.0

Here is a good answer to your question: stackoverflow.com/questions/3021200/…

Nofate ♦ 32.5k 13 55 86 · Accepted Answer · 2016-04-02T16:30:53

Specify the version of Spring-Security you are using. In Spring-Security 3.0 there is a class SecurityContextHolderAwareRequestWrapper which allows you to determine the presence of one or another role. In your case in the controller, you can use something like

 if(SecurityContextHolderAwareRequestWrapper.isUserInRole("admin")){ //Некоторые действия } else { //Некоторые действия }

Spring Security. How, depending on the user's role, perform different methods when requesting an address?

1 answer 1

More articles: