Error using Spring authorize tag to check to see if user is logged in?
Trying to test to see if a user is logged in I am using the following code:
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %> <sec:authorize access="isAuthenticated()"> YES, you are logged in! </sec:authorize>
But I am getting the following erorr?
javax.servlet.jsp.JspException: No visible WebSecurityExpressionHandler instance could be found in the application context. There must be at least one in order to support expressions in JSP 'authorize' tags. at org.springframework.security.taglibs.authz.AuthorizeTag.getExpressionHandler(AuthorizeTag.java:100) at org.springframework.security.taglibs.authz.AuthorizeTag.authorizeUsingAccessExpression(AuthorizeTag.java:58) at org.springframework.security.taglibs.authz.AuthorizeTag.doStartTag(AuthorizeTag.java:48)
To use expressions to secure individual URLs, you would first need to set the use-expressions attribute in the element to true
<http use-expressions="true"> See Spring Security doc
Setting use-expressions="true" in the http element will work but means all your security settings in both Java code and security contexts must use expression notations. This can be a problem if you are currently using the standard security notations.
To use both expressions and standard notations just declare a new bean in your security context like so -