0
I would like to know the correct way to add more than one permission to the same folder in springSecurity because I wanted the admin to have the same access as the average user with an extra page.
<http auto-config="true" use-expressions="true" disable-url-rewriting="false">
<intercept-url pattern="/View/UnSecured/**" access="permitAll" />
<intercept-url pattern="/login" access="permitAll"/>
<intercept-url pattern="/View/Secured/user/**" access="hasRole('ROLE_COMMON')"/>
<intercept-url pattern="/View/Secured/adm/**" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/javax.faces.resource/**" access="permitAll"/>
<intercept-url pattern="/img/**" access="permitAll" />
<intercept-url pattern="/theme/**" access="permitAll" />
<intercept-url pattern="Pacotes de Código-fonte/**" access="permitAll"/>
<!-- Custom login page -->
<form-login always-use-default-target="true"
default-target-url="/View/Secured/user/index.jsf"
authentication-failure-url="/login.xhtml?auth=fail"
login-page="/login.jsf"/>
<!-- Custom logout page -->
<logout logout-success-url="/login.jsf" />
</http>
This worked out thanks so much for the help
– Gabriel Soares