Spring: What parser to use to parse security expressions

Question

I would like to parse standard security expressions like hasRole etc. to get their value in a variable (in a JSP). How can I do that? SpelExpressionParser is the standard EL parser, but I don't think it will parse the security expression.

Answer 1

The simpliest approach is to use a <sec:authorize> tag and modify a desired variable inside its body.

If you actually want to evaluate expressions manually, look at the source of AuthorizeTag - it gets the first bean of type WebSecurtyExpressionHandler from the web application context and uses it to obtain ExpressionParser and EvaluationContext.

Answer 2

I've posted an answer in this topic here - How to parse spring security expressions programmatically. I think this answers your question also.