Announcement Announcement Module
Collapse
No announcement yet.
Spring ACL to default grant access. Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring ACL to default grant access.

    Hello everyone,

    I have the following problem: I'm trying to use Spring Security ACL to restrict the objects the user has access to. I have a service that deals with the entities, and that service has 4 methods: create(Class claz), get(Class claz, Long id), save(Object obj), remove(Object obj).
    What I've done is I have annotated those methods with
    Code:
    @PreAuthorize("hasPermission(#model, 'write'))
    , and read, create and delete respectfully. Next I have created my own
    Code:
    EntityPKRetrievalStrategy
    which extends
    Code:
    ObjectIdentityRetrievalStrategy
    and in case the domain object passed is of type Class, I simply return

    Code:
    new ObjectIdentityImpl(entity.getClass(), -1l)
    Notice the long -1 there. Next I have populated the 4 DB tables ACL_ENTRY, ACL_OBJECT_IDENTITY, ACL_CLASS and ACL_SID with the ACL_OBJECT_IDENTITY having OBJECT_ID_IDENTITY having -1. It all works great and the logged in SID is granted access to read the object. The point where I'm stuck is - if the user tries to create a new Entity, with a PK, say 2 or 3 (the PK is auto-increment), then spring denies access to the method because I have specified ACL_OBJECT_IDENTITY only for OBJECT_ID_IDENTITY -1 .. How can I configure Spring, or what do I need to put in my
    Code:
    EntityPKRetrievalStrategy
    to make it work for any entity?

    I hope I made it clear enough... if not please let me know and I'll try to clarify.

    Cheers.

  • #2
    Instead of -1 in
    Code:
    new ObjectIdentityImpl(entity.getClass(), -1L)
    use entity, something like
    Code:
    new ObjectIdentityImpl(entity)
    Also you can refer Contacts sample and Document Management System(DMS) sample in Spring Security source (git://github.com/SpringSource/spring-framework.git).
    Last edited by charybr; Mar 20th, 2013, 06:22 AM.

    Comment

    Working...
    X