Welcome to the jGuard's wiki » Welcome on your Wiki » General section » Integrate jGuard in your jsp pages

Integrate jGuard in your jsp pages

Last modified by RaffaelloPelagalli on 2006/01/17 14:49

Integrate jGuard in your jsp pages

Add standard.jar, and jstl.jar in the lib directory and add them to the path.

  • <jguard:authorized>
The <jguard:authorized> tag is used to protect page fragments:
<jguard:authorized uri="/myApplication/SwitchToModule.do?prefix=/forum&page=/ForumPanorama.do">
this text appears only if you are authorized.
</jguard:authorized>

The text will be rendered by the jsp, only if your user, have one role,at least, which have a permission to the uri /myApplication/SwitchToModule.do?prefix=/forum&page=/ForumPanorama.do' It is important to note that a fragment is protected with a uri, and not a role. If you update the role permissions, you have not to change the jsp!!!

  • <jguard:hasPrincipal>
The tag <jguard:hasPrincipal>, display content only if the user has got a role called like the 'name' value. 'roles' attribute can have 1 à or more roles splitted by semicolon. 'operator' attribute permits to set how the tag works with 'roles':
  • if 'NONE' is set, tag will display contents only if authenticated user hasn't got any roles in the specified roleSet.
  • if 'ANY' is set, tag will display contents only if authenticated user has one or more roles in the specified roleSet.
  • if 'ALL' is set, tag will display contents only if authenticated user has all roles in the specified roleSet.
  • when the 'operator' attribute is not specified, 'ANY' is used by default.
<jguard:hasPrincipal name="admin">
   hello!! you have got a role called admin
</jguard:hasPrincipal>

Note that if you change the name of the role, you will update the jsp code, in opposite of the first tag <jguard:authorized>. So, the tag <jguard:authorized> should be used mostly to protect html links, and <jguard:hasRole> should be used to protect 'functional' content.

  • <jguard:pubCredential>
The <jguard:pubCredential> tag, display the public credential of a user identified by an "id". If the authenticated user hasn't got this credential, the tag display the default value if the webapp developer use this feature(optional); otherwise, the tag render "".

<jguard:pubCredential id="name" default="noName" />

  • <jguard:privCredential>
The <jguard:privCredential> tag, display the private credential of a user identified by an 'id'. If the authenticated user hasn't got this credential, the tag display the default value if the webapp developer use this feature(optional); Otherwise, the tag render "".

<jguard:privCredential id="login" default="default" />

All the jguard tags support expression language (EL).

Tags:
Created by diabolo512 on 2005/09/28 18:46

jGuard team copyright 2004-2009
3.1.1