Home > Enterprise >  How can I make a textbox readonly using spring security role?
How can I make a textbox readonly using spring security role?

Time:02-11

I'm just a new to Spring security.

Today I just wonder how can I make a textbox as readonly depends on account's role?

For example, If account's role is not Admin I want to make textbox as readonly.

I tried this code for it, but It didn't work.

<sec:authorize access="hasAnyRole('ROLE_ADMIN')">
    <input type="text" id="userID">
</sec:authorize>

Thanks for your help.

CodePudding user response:

If you mean client side, I think you're looking for

 <input type="text" id="userID" readonly="readonly">

If you mean server-side ("don't trust the user input"), well... That depends how your server side works.

CodePudding user response:

Make sure you have the Thymeleaf Spring Security 5 dependency:

implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5'

Then you can show different inputs based on the users role:

<span sec:authorize="hasRole('ADMIN')">
    <input type="text" id="userID">
</span>
<span sec:authorize="!hasRole('ADMIN')">
    <input type="text" id="userID" readonly="readonly">
</span>
  • Related