...
| Code Block |
|---|
|
<acl-publisher>
<default-acls>
<acl-entry role="MY_ROLE_PREFIX_ADMIN" acl="ADMIN_ALL" />
<acl-entry role="MY_ROLE_PREFIX_CTO" acl="ADMIN_ALL" />
<acl-entry role="MY_ROLE_PREFIX_DEV" acl="EXECUTE_SUBSCRIBE" />
<acl-entry role="MY_ROLE_PREFIX_AUTHENTICATED" acl="EXECUTE" />
</default-acls>
</acl-publisher>
<acl-voter>
<admin-role>MY_ROLE_PREFIX_ADMIN</admin-role>
</acl-voter>
<anonymous-authentication>
<anonymous-user>anonymous</anonymous-user>
<anonymous-role>MY_ROLE_PREFIX_ANONYMOUS</anonymous-role>
</anonymous-authentication>
|
| Code Block |
|---|
| xml |
|---|
| xml |
|---|
| title | applicationContext-acegi-security.xml |
|---|
|
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="foobar" />
<property name="userAttribute" value="anonymousUser,MY_ROLE_PREFIX_ANONYMOUS" />
</bean>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<!-- omitted -->
<property name="objectDefinitionSource">
<value>
<![CDATA[
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/login*=MY_ROLE_PREFIX_ANONYMOUS,MY_ROLE_PREFIX_AUTHENTICATED
...omitted...
/**=MY_ROLE_PREFIX_AUTHENTICATED
]]>
</value>
</property>
</bean>
|
Memory
There is no additional configuration required to use role prefixes. However, be sure that your roles are stored in applicationContext-acegi-security-memory.xml with the prefixes!
Relational Database (JDBC)
There is no additional configuration required to use role prefixes. However, be sure that your roles are stored in your database with the prefixes!
Directory (LDAP)