Announcement Announcement Module
No announcement yet.
Securing REST Exporter Servlet of Spring Data Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Securing REST Exporter Servlet of Spring Data


    I currently try to secure my REST webservices generated by the REST Exporter Servlet of Spring JPA but I have some questions about authorization customization. I only need interfaces which extends of JpaRepository to generate my REST webservices but how can I customize the authorization without any implementation ?
    Actually, the principal is retrieved from my database and I want to allow access to only REST resources related to this principal (i.e. the user with id 1 can only access to http://localhost:8080/user/1 and not http://localhost:8080/user/2 or other).
    How can I translate this into spring security configuration ?

    I tried to create custom AccessDecisionManager but I'm not sure how to handle it...