Spring Security hasRole() not working

java spring spring-mvc spring-security thymeleaf

Solution 1:

Try use hasAuthority instead hasRole inside HTML-tag.

sec:authorize="hasAuthority('ADMIN')"

Solution 2:

You are missing a concept:

  • If you use hasRole('ADMIN'), in your ADMIN Enum must be ROLE_ADMIN instead of ADMIN.
  • If you use hasAuthority('ADMIN'), your ADMIN Enum must be ADMIN.

In spring security, hasRole() is the same as hasAuthority(), but hasRole() function map with Authority without ROLE_ prefix.

You can find the accepted answer in this post: Difference between Role and GrantedAuthority in Spring Security

Solution 3:

I've had the same issue upgrading from Spring Security 3.x to 4.x. Changing hasRole() to hasAuthority() did the trick for me.

http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#el-common-built-in

Related

Connecting php 7.2 to MS SQL using sqlsrv
Get time from LocalDateTime
Placing images partially off screen and rotate it
Microsoft Graph - User photo : Microsoft.Fast.Profile.Core.Exception.ImageNotFoundException
NativeScript code sharing project with scss compilation error math.div function undefined
pandas to_sql in django: insert foreign key into DB
The terminal does not display Devanagri scripts (Hindi, Nepali, etc.) properly
How to integrate Audacious in the sound menu?
Understanding the functionality of a button with a rotating arrow in GNOME 3 status menu
Problems playing videos
Lubuntu 16.04 gets stuck at shutdown (nmi watchdog bug soft lockup - cpu#1 stuck for 22s) [duplicate]
Wine won't install, Does not have valid release file