Posts

Showing posts with the label access

How to block certain URLs access for some user type in Hybris?

Scenario: How to block certain URLs access for some user type in Hybris? Solution: In general, we should maintain spring  Authorities/group  for such users so that it can be blocked from  spring-security . But in my case, I don't have that choice. There are already many userType which can be identified when the user logged in and stored it in session. Here I have to use same. So I have decided to use Spring AOP to serve my aspect around the point-cut(custom annotation). In this post, I am not going to cover AOP in detail. If you don't know anything about  Spring AOP . You should first  explore it  first. 1. Create Annotation AllowUsers and BlockUsers package com . hybris . storefront . annotations ; import java . lang . annotation . ElementType ; import java . lang . annotation . Retention ; import java . lang . annotation . RetentionPolicy ; import java . lang . annotation . Target ; @Retention ( RetentionPolicy . RUNTIME ) @Target ( { ElementType . M