[전자정부프레임워크 v3.7] 스프링 시큐리티 <sec:authorize access

로그인 ROLE에 따라 특정 메뉴 보이기/숨기기

 

 

1. pom.xml 확인

<dependency>

<groupId>egovframework.rte</groupId>

<artifactId>egovframework.rte.fdl.security</artifactId>

<version>${egovframework.rte.version}</version>

 

</dependency>

 

2. jsp 파일

<%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec" %>

<!-- 관리자 로그인 중-->

<sec:authorize access="hasRole('ROLE_ADMIN')">

<button>관리자접속중</button>

</sec:authorize>  

<!-- 로그인 전 -->

<sec:authorize access="isAnonymous()">

<button>로그인하세요.</button>

</sec:authorize>

<!-- 사용자 로그인 중 -->

<sec:authorize access="isAuthenticated()">

<button>로그인하세요.</button>

</sec:authorize>

* 추가 표현들

https://docs.spring.io/spring-security/site/docs/3.0.x/reference/el-access.html

hasRole([role])	특정한 롤을 가지고 있는 경우 true
hasAnyRole([role1,role2])	복수의 롤을 가지고 있는 경우 true
principal	Allows direct access to the principal object representing the current user
authentication	Allows direct access to the current Authentication object obtained from the SecurityContext
permitAll	Always evaluates to true
denyAll	Always evaluates to false
isAnonymous()	Returns true if the current principal is an anonymous user
isRememberMe()	Returns true if the current principal is a remember-me user
isAuthenticated()	Returns true if the user is not anonymous
isFullyAuthenticated()	Returns true if the user is not an anonymous or a remember-me user