Announcement Announcement Module
No announcement yet.
Spring Security ACL and getting inherited permissions Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security ACL and getting inherited permissions

    I am using Spring Security ACLs in one of my GWT project's (3.1.3) and have to send Permissions (as an integer mask) to the frontend in order to display or hide some controls (edit, delete, etc).
    I have two domain objects (Class A, class B) that need to be protected by the ACL so I added them to the acl_class table (I am using JdbcMutableAclService).

    A is the parent class of B. That means sometimes I only have ace entries for class A and B are supposed to inherit them.
    This works fine for authorization etc but I couldn't come up with a simple way to recursively retrieve the ace for an instance of class B.

    The code looks like following:

    List<Sid> authorities = Get my authorities for the user
    ObjectIdentity oid = new ObjectIdentityImpl(B.class,
    acl = aclService.readAclById(oid, authorities);
    BasePermission permission  = null;
    for (AccessControlEntry ace: acl.getEntries()) {
        if (authorities.contains(ace.getSid())) {
            permission = ace.getPermission();
    However when i don#t have any records for the instance of class B this will return no permission.
    Of course I can check if acl.getParentAcl() != null and then loop through those entries but I was hoping there is a built in solution for that.