Announcement Announcement Module
Collapse
No announcement yet.
Method Level security with permissions not roles Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Method Level security with permissions not roles

    i want to make method level security for my spring application.
    the security design is as follows: User > Roles > Permissions
    well when i use
    Code:
    @PreAuthorize
    with
    Code:
    hasRole
    it works fine
    but when i try to use it with
    Code:
    hasPermission
    , it doesn't work, i found that i should use Spring ACL for such approach, but it seems to be over-killing for the requirement, so is there's any way to define role permissions in xml file, or any other workarounds or other ways to get method level security works with permissions instead of roles, and withour using ACL, if there's no way but to use ACL, then please suggest me a good example.
    Last edited by sword101; Oct 26th, 2011, 03:55 PM.

  • #2
    granted authority based permission

    Please refer to the below article from one of the author of spring in practice
    howerver I request one of the springsource contributor to validate this approach
    http://springinpractice.com/2010/10/...d-permissions/
    Last edited by tellanup; Oct 28th, 2011, 07:35 AM.

    Comment

    Working...
    X