问题描述
我是spring mvc的新手,在我现有的项目中,只有一个admin,并且他们有权更新数据,但是现在我需要创建2个新admin,admin1和admin2.这样只能在他们登录时看到受限的页面:
I am new in spring mvc , In my existing project , there is one admin and they have rights to update data , but now i need to create 2 new admin , admin1 and admin2that can only see limited page when they login like:
当管理员登录时,他们可以在菜单栏中看到添加数据,更新数据,发布消息页面.但如果是Admin1,则只能在菜单栏中看到发布消息"页面.
when admin login , they can see Add data, update data, Post message pages in menu bar.but in case Admin1 , can see only Post meassage page in menu bar.
所以,请指导我如何在Spring MVC中完成此任务预先感谢.
so, please guide me how can i achieve this task in spring mvcThanks in Advance.
推荐答案
您必须考虑使用Spring安全性来实现这一点.请检查以下内容
you have to consider using Spring security to achieve this.check the following
<http auto-config="true">
<intercept-url pattern="/admin*" access="ROLE_ADMIN" />
</http>
这意味着,只有具有"ROLE_ADMIN"权限的用户才能访问URI/admin *.如果未经授权的用户尝试访问它,将显示"http 403访问被拒绝的页面".
It means, only user with authority of "ROLE_ADMIN" is allowed to access URI /admin*. If non authorized user try to access it, a "http 403 access denied page" will be displayed.
您必须配置网址及其允许的访问权限
you have to configure the urls and the allowed access to them
http://www.mkyong上的简单示例. com/spring-security/spring-security-access-control-example/
这篇关于Spring MVC角色和管理员权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!