Skip to content

How to use for checking multiple Roles?

I want to display some content conditionally based on Roles using Spring Security JSP taglibs. But in Spring Security 3.1.x is checking for only one role.

I can use but ifAllGranted is deprecated.

Any help?



There is a special security expression in spring security:

hasAnyRole(list of roles) – true if the user has been granted any of the roles specified (given as a comma-separated list of strings).

I have never used it but I think it is exactly what you are looking for.

Example usage:

<security:authorize access="hasAnyRole('ADMIN', 'DEVELOPER')">

Here is a link to the reference documentation where the standard spring security expressions are described. Also, here is a discussion where I described how to create custom expression if you need it.