Announcement Announcement Module
Collapse
No announcement yet.
PreAuthorize problem Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • PreAuthorize problem

    Hi,

    I am using Spring 3.2.1, Spring Security 3.1.3 and Tapestry 4.1.6. I am trying to configure roles and permissions with spring security but I am having problems in adding method level security controls to the code. PreAuthorize annotations are being ignored.

    I've added a spring-security.xml file

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
        xmlns:security="http://www.springframework.org/schema/security"
            xsi:schemaLocation="http://www.springframework.org/schema/beans 
                            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                            http://www.springframework.org/schema/security 
                            http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
           <security:global-method-security pre-post-annotations="enabled" />
    
            <security:http auto-config="true" use-expressions="true" authentication-manager-ref="authenticationManager" />
    
    </beans>

    This is a part from web.xml file.
    Code:
      <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
           /WEB-INF/spring-security.xml
           classpath*:/**/*.beans.xml
        </param-value>
      </context-param>
    I've added PreAuthorize to the saveUser method. (non-admin users cannot save user changes.)

    Code:
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public boolean saveUser(User user) {
        ...
    }
    The other question is, is it possible to configure acls in the ui part, which is in Tapestry 4?
    Last edited by eercan; Nov 15th, 2012, 09:50 AM.
Working...
X