Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-04 12:29:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts

Browse Source
This commit is contained in:
Rob Winch 2011-06-02 21:19:01 -05:00
parent 132163ec2e
commit c9b328d8c7
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
samples/tutorial/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
View File

@ -12,6 +12,14 @@
<div id="content"> <div id="content">
<h1>Accounts</h1> <h1>Accounts</h1>
<p>
Anyone can view this page, but posting to an Account requires login and must be authorized. Below are some users to try posting to Accounts with.
</p>
<ul>
<li>rod/koala - can post to any Account</li>
<li>dianne/emu - can post to Accounts as long as the balance remains above the overdraft amount</li>
<li>scott/wombat - cannot post to any Accounts</li>
</ul>
<a href="index.jsp">Home</a><br><br> <a href="index.jsp">Home</a><br><br>

2
samples/tutorial/src/main/webapp/index.jsp
View File

@ -18,7 +18,7 @@
Anyone can view this page. Anyone can view this page.
</p> </p>
<p> <p>
If you're logged in, you can <a href="listAccounts.html">list accounts</a>. While anyone can also view the <a href="listAccounts.html">list accounts</a> page, you must be authorized to post to an Account from the list accounts page.
</p> </p>
<p> <p>
Your principal object is....: <%= request.getUserPrincipal() %> Your principal object is....: <%= request.getUserPrincipal() %>