EL to see whether a view activity is authorized for the current user

You can use the below EL to see whether a specific view activity is authorized for the current user

#{controllerContext.security.activity['your_view_activity_id'].viewAuthorized}

This is useful where you need to skip the rendering of links that refer to a page which is not authorized to view by the current user.

Please refer ControllerSecurityManager api to learn more.

You can download the sample workspace from here.
Run the login.html. Login to application as as guest/welcome123, application displays only 'Department' link. If you login as admin/welcome123, then application displays both 'Department' and 'Employee' links.
[Runs with Oracle JDeveloper 11g R1 PS2 + HR Schema]

Comments

Disclaimer

The views expressed on this blog are my own and do not necessarily reflect the views of my employer.