security.tld

安全框架实例 入门经典小例子 使用spring hibernate与其集成acegi 2.0

<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE taglib
        PUBLIC "-//Sun Microsystems, Inc.//DTD JSP Tag Library 1.2//EN"
        "http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd">
<taglib>
	<tlib-version>1.0</tlib-version>
	<jsp-version>1.2</jsp-version>
	<short-name>security</short-name>
	<uri>http://www.springframework.org/security/tags</uri>
	<description>
        Spring Security Authorization Tag Library
		$Id: security.tld 2664 2008-02-25 17:56:25Z luke_t $
	</description>

	<tag>
		<name>authorize</name>
		<tag-class>org.springframework.security.taglibs.authz.AuthorizeTag</tag-class>
		<description>
            A simple tag to output or not the body of the tag if the principal
            has or doesn't have certain authorities.
		</description>

		<attribute>
			<name>ifNotGranted</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                A comma separated list of roles which the user must not have
                for the body to be output.
			</description>
		</attribute>

		<attribute>
			<name>ifAllGranted</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                A comma separated list of roles which the user must all
                possess for the body to be output.
			</description>
		</attribute>

		<attribute>
			<name>ifAnyGranted</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                A comma separated list of roles, one of which the user must
                possess for the body to be output.
			</description>
		</attribute>
	</tag>

    <tag>
        <name>authentication</name>
        <tag-class>org.springframework.security.taglibs.authz.AuthenticationTag</tag-class>
        <description>
            Allows access to the current Authentication object.
        </description>

        <attribute>
            <name>property</name>
            <required>true</required>
            <rtexprvalue>true</rtexprvalue>
            <description>
                Property of the Authentication object which should be output. Supports nested
                properties. For example if the principal object is an instance of UserDetails,
                te property "principal.username" will return the username. Alternatively, using
                "name" will call getName method on the Authentication object directly.
            </description>
        </attribute>
        <attribute>
            <name>var</name>
            <required>false</required>
            <rtexprvalue>false</rtexprvalue>
            <description>
                Name of the exported scoped variable for the
                exception thrown from a nested action. The type of the
                scoped variable is the type of the exception thrown.
            </description>
        </attribute>
        <attribute>
            <name>scope</name>
            <required>false</required>
            <rtexprvalue>false</rtexprvalue>
            <description>
                Scope for var.
            </description>
        </attribute>
    </tag>

	<tag>
		<name>acl</name>
		<tag-class>org.springframework.security.taglibs.authz.AclTag</tag-class>
		<description>
            Allows inclusion of a tag body if the current Authentication
			has one of the specified permissions to the presented
			domain object instance. This tag uses the first AclManager
			it locates via
			WebApplicationContextUtils.getRequiredWebApplicationContext(HttpServletContext).
		</description>

		<attribute>
			<name>hasPermission</name>
			<required>true</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                A comma separated list of integers, each representing a
				required bit mask permission from a subclass of
                org.springframework.security.acl.basic.AbstractBasicAclEntry.
            </description>
		</attribute>
		<attribute>
			<name>domainObject</name>
			<required>true</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                The actual domain object instance for which permissions
				are being evaluated.
			</description>
		</attribute>
	</tag>

	<tag>
		<name>accesscontrollist</name>
		<tag-class>org.springframework.security.taglibs.authz.AccessControlListTag</tag-class>
		<description>
            Allows inclusion of a tag body if the current Authentication
			has one of the specified permissions to the presented
			domain object instance.
		</description>

		<attribute>
			<name>hasPermission</name>
			<required>true</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                A comma separated list of integers, each representing a
				required bit mask permission from a subclass of
                org.springframework.security.acl.basic.AbstractBasicAclEntry.
            </description>
		</attribute>
		<attribute>
			<name>domainObject</name>
			<required>true</required>
			<rtexprvalue>true</rtexprvalue>
			<description>
                The actual domain object instance for which permissions
				are being evaluated.
			</description>
		</attribute>
	</tag>

</taglib>