Reply To: Handling dynamic security constraints

Splash Forums Rewrite Users Handling dynamic security constraints Reply To: Handling dynamic security constraints



Yes Christian, the custom condition is the way to go, getting the request I can do what I want. This is what I ended up with:

 .when(new HttpCondition() {
              public boolean evaluateHttp(HttpServletRewrite event, EvaluationContext context) {
                boolean userLogged;
                boolean rolesValid;
                HttpServletRequest request = event.getRequest();
                Principal principal = request.getUserPrincipal();

                userLogged = principal != null && principal.getName() != null;
                rolesValid = userLogged && (request.isUserInRole("guest") || request.isUserInRole("user"));

                return !userLogged || !rolesValid;
  .perform(Redirect.temporary(context.getContextPath() + "/{locale}/login"))


  • This reply was modified 8 years, 5 months ago by  Lincoln Baxter III. Reason: Added solution