Announcement Announcement Module
Collapse
No announcement yet.
Secure restful URIs from spring-data REST ? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Secure restful URIs from spring-data REST ?

    I don't see a mention of this in the spring-data-rest doco. Ideally, I would have liked to have a "root" URL of my choosing (e.g., "/rest/{repository}") so that I can create a ServletFilter to protect that portion of my server resources. Any best practices out there?

  • #2
    Hello shorcode.

    With Spring Security you can easily map the URLs without problems. Example:

    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://www.springframework.org/schema/p" xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schem...-beans-3.2.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schem...curity-3.2.xsd
    http://www.springframework.org/schema/util
    http://www.springframework.org/schema/util/spring-util-3.2.xsd">

    <http pattern="/static/*" security="none" />

    <http use-expressions="true" entry-point-ref="casEntryPoint">

    <intercept-url pattern="/*" access="hasRole('ROLE_USERS')" />
    <intercept-url pattern="/rest/users/*" access="hasRole('ROLE_ADM')" />

    ...

    </http>

    ....

    </beans:beans>

    Comment

    Working...
    X