Spring Security http标签的use-expressions="true"属性

如果声明为true,那么在access属性要用hasRole()这样写:

<intercept-url pattern="/secure/extreme/**" access="hasRole('ROLE_SUPERVISOR')"/>

如果声明为false(默认),那么access直接就是

<intercept-url pattern="/secure/extreme/**" access="ROLE_USER"/>

你可能感兴趣的:(Spring Security)