SEC-1798: Remove internal evaluation of EL in JSP tag implementations.
This commit is contained in:
@@ -94,7 +94,7 @@ This content will only be visible to users who are authorized to send requests t
|
||||
comma-separated list of required permissions for a specified domain object. If the
|
||||
current user has any of those permissions, then the tag body will be evaluated. If they
|
||||
don't, it will be skipped. An example might
|
||||
be<programlisting language="xml"><sec:accesscontrollist hasPermission="1,2" domainObject="someObject">
|
||||
be<programlisting language="xml"><sec:accesscontrollist hasPermission="1,2" domainObject="${someObject}">
|
||||
|
||||
This will be shown if the user has either of the permissions
|
||||
represented by the values "1" or "2" on the given object.
|
||||
|
||||
Reference in New Issue
Block a user