Announcement Announcement Module
Collapse
No announcement yet.
spring-data-rest: how to implement security check on domain objects? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • spring-data-rest: how to implement security check on domain objects?

    Is there any way in spring-data-rest to verify that a user is indeed authorised to read a specific domain object? I need to implement some kind of ACL-like mechanism so a user can only read specific domain objects, to whom they have access.

    Something like @RepositoryEventHandler where you can intercept the request after the domain object has been fetched from the DB, do the security checks and throw an AccessDeniedException for example.
Working...
X