Secure JSP Taglibs

I’ve just created the project Secure JSP Taglibs at Google Code Project Hosting with the ambition to fill some gaps in the security of the presentation layer in a Java web application.

For now it doesn’t do too much, more features will be added in the future.
This Taglib allows you to evaluate the nested body content of the tag to test if the user has the specified roles.
This is equivalent to the isUserInRole() method, but you can evaluate multiple roles (comma separated) at the same time.

Examples:

<secure:one roles="role1toevaluate, role2toevaluate">
    Show this content if the user has one of the specified roles.
</secure:one>
<secure:all roles="role1toevaluate, role2toevaluate">
    Show this content if the user has all the specified roles.
</secure:all>
<secure:none roles="role1toevaluate, role2toevaluate">
    Show this content if the user has none of the specified roles.
</secure:none>

Feel free to use it, it’s licensed under Apache License 2.0 and can be found at http://code.google.com/p/secure-taglib/.

Published by

Samuel Santos

Java developer, Open Source hacker, Web technologist, JUG Leader.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>