Posts

Showing posts with the label How to block certain URLs access for some user type in Hybris

How to block certain URLs access for some user type in Hybris?

Scenario: How to block certain URLs access for some user type in Hybris? Solution: In general, we should maintain spring Authorities/group for such users so that it can be blocked from spring-security. But in my case, I don't have that choice. There are already many userType which can be identified when the user logged in and stored it in session. Here I have to use same. So I have decided to use Spring AOP to serve my aspect around the point-cut(custom annotation). In this post, I am not going to cover AOP in detail. If you don't know anything about Spring AOP. You should first explore it first. 1. Create Annotation AllowUsers and BlockUsers package com.hybris.storefront.