Announcement Announcement Module
Collapse
No announcement yet.
ACL voters never called Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • ACL voters never called

    I have a problem with @PostFilter... it's never called.
    I have tried to configure both AffirmativeBased and UnanimousBased voting system without any luck.
    The only voter thats called is this one:
    org.springframework.security.access.vote.Affirmati veBased - Voter: org.springframework.security.access.vote.RoleVoter @7d3e4a, returned: 1

    Here is the relevant configs:
    Interface:
    Code:
    public interface SectionService {
    	@PostFilter("hasPermission(filterObject, 'VOTE_CATEGORY_READ')")
    	public List<Section> getSectionsForCompany(Long id);
    }
    security.xml:
    HTML Code:
    <global-method-security 
    		secured-annotations="enabled" 
    		pre-post-annotations="enabled">
    		<expression-handler ref="expressionHandler"/>
    	</global-method-security>
    security-addirmative.xml:
    HTML Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans 
    	xmlns="http://www.springframework.org/schema/beans" 
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:util="http://www.springframework.org/schema/util" 
    	xmlns:p="http://www.springframework.org/schema/p" 
    	xsi:schemaLocation="
    		http://www.springframework.org/schema/beans 
    	   	http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    	   	http://www.springframework.org/schema/util 
    	   	http://www.springframework.org/schema/util/spring-util-3.0.xsd">
    
    	<!-- See 15.3.2 Built-In Expression @http://static.springsource.org/spring-security/site/docs/3.0.x/reference/el-access.html#el-permission-evaluator -->
    	<bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
    		<!-- To use hasPermission() in expressions, configure a PermissionEvaluator -->
    		<property name="permissionEvaluator" ref="permissionEvaluator" />
    	</bean>
    
    	<!-- Declare a custom PermissionEvaluator We'll rely on the standard AclPermissionEvaluator implementation -->
    	<bean class="org.springframework.security.acls.AclPermissionEvaluator" id="permissionEvaluator">
    		<constructor-arg ref="aclService" />
    	</bean>
     
    	<bean class="org.springframework.security.access.vote.AffirmativeBased" id="aclDecisionManager">
    		<property name="decisionVoters">
    			<list>
    				<ref bean="categoryReadVoter" />
    			</list>
    		</property>
    	</bean>
    
    	<bean class="org.springframework.security.acls.AclEntryVoter" id="categoryReadVoter">
    		<constructor-arg ref="aclService" />
    		<constructor-arg value="VOTE_CATEGORY_READ" />
    		<constructor-arg>
    			<array>
    				<util:constant static-field="org.springframework.security.acls.domain.BasePermission.READ" />
    			</array>
    		</constructor-arg>
    		<property name="processDomainObjectClass" value="no.capraconsulting.ccc.model.Section" />
    	</bean>
    </beans>
Working...
X