This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Child pages
  • Roles Interceptor
Skip to end of metadata
Go to start of metadata

This interceptor ensures that the action will only be executed if the user has the correct role.


  • allowedRoles - a comma-separated list of roles to allow
  • disallowedRoles - a comma-separated list of roles to disallow

When both allowedRoles and disallowedRoles are configured, then disallowedRoles takes precedence, applying the following logic: (if ((inRole(role1) || inRole(role2) || ... inRole(roleN)) && !inRole(roleA) && !inRole(roleB) && ... !inRole(roleZ)) { //permit ...


Error rendering macro 'code': Invalid value specified for parameter 'java.lang.NullPointerException'
<!-- only allows the admin and member roles -->
<action name="someAction" class="com.examples.SomeAction">
    <interceptor-ref name="completeStack"/>
    <interceptor-ref name="roles">
      <param name="allowedRoles">admin,member</param>
    <result name="success">good_result.ftl</result>
  • No labels