Posts

Showing posts with the label How to block certain URLs access for some user type in Hybris

How to block certain URLs access for some user type in Hybris?

Scenario: How to block certain URLs access for some user type in Hybris? Solution: In general, we should maintain spring  Authorities/group  for such users so that it can be blocked from  spring-security . But in my case, I don't have that choice. There are already many userType which can be identified when the user logged in and stored it in session. Here I have to use same. So I have decided to use Spring AOP to serve my aspect around the point-cut(custom annotation). In this post, I am not going to cover AOP in detail. If you don't know anything about  Spring AOP . You should first  explore it  first. 1. Create Annotation AllowUsers and BlockUsers package com . hybris . storefront . annotations ; import java . lang . annotation . ElementType ; import java . lang . annotation . Retention ; import java . lang . annotation . RetentionPolicy ; import java . lang . annotation . Target ; @Retention ( RetentionPolicy . RUNTIME ) @Target ( { ElementType . M