如何配置Spring Security以允许在JSP页面中使用hasPermission？

我正在尝试在我的spring项目的jsp页面中使用hasPermission.我已经在我的控制器/服务类的方法中使用它没有问题.阅读文章:

http://docs.spring.io/spring-security/site/docs/4.0.0.M1/reference/htmlsingle/#the-accesscontrollist-tag

从官方文档中,我了解到,为此,我将需要实现从DefaultPermission派生的类,该类将从自定义AclService类加载.

我的问题是我找不到任何关于如何实现所有类的信息,甚至不知道这种方法是否是唯一的方法,或者我是否以正确的方式理解了主题(官方文档对此主题非常简短,在互联网的其余部分,我找不到更多的信息).

任何人都可以指出我在正确的方向吗？也许指出一些教程或代码示例.

UPDATE

从StackOverflow读取其他主题,我发现了这个问题:

This is what I have done. I created my own permission evaulator:

>     public class MyPermissionEvaluator implements PermissionEvaluator {
>     ...
>     }

Then I configured spring to use that evaulator via

>              class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
>           
>     
>     
>              class="com.bulb.learn.webapp.security.CustomWebSecurityExpressionHandler">
>         
>     
>     
>     

That way all expression handlers have access to my evaulator.

Then, in JSP (actually, I am using jspx), I can make tags like this:

>     
>          ...
>     

Hope that gets you heading in the right direction.

由于我已经有自定义PermissionEvaluator,我尝试这种方法.它部分工作,但现在,即使用户具有权限,也不会显示标记内的元素.此外,eclipse指示与此标记相关的错误('令牌上的语法错误,错位的构造'),尽管应用程序正在构建并执行而没有错误.

在控制台中,显示以下错误:

un 03, 2014 7:48:40 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'cadastra_usuario' on object null
Jun 03, 2014 7:48:40 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'altera_usuario' on object null
Jun 03, 2014 7:48:40 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'remove_usuario' on object null
Jun 03, 2014 7:48:45 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'cadastra_permissao' on object null
Jun 03, 2014 7:48:45 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'altera_permissao' on object null
Jun 03, 2014 7:48:45 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'remove_permissao' on object null
Jun 03, 2014 7:48:57 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'cadastra_usuario' on object null
Jun 03, 2014 7:48:57 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'altera_usuario' on object null
Jun 03, 2014 7:48:57 PM org.springframework.security.access.expression.DenyAllPermissionEvaluator hasPermission
Advertência: Denying user klebermo permission 'remove_usuario' on object null

在互联网上,我发现了一些文章,我应该为WebSecurityExpressionHandler实现一个接口.

谁知道这里有正确的步骤？

更新2

以前,我使用的是这个标签:

如果用户具有给定对象上的值"1"或"2"表示的任一权限,则会显示此信息.

在控制台中没有显示错误,但仍然无法正常工作.我的问题我需要实现哪个对象来分配标记的domainObject？