Announcement Announcement Module
Collapse
No announcement yet.
How to assign security to scheduler ? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to assign security to scheduler ?

    I have a scheduler configuration like this:
    <bean id="scheduler.example" class="org.springframework.scheduling.quartz.Metho dInvokingJobDetailFactoryBean">
    <property name="targetObject" ref="person"/>
    <property name="targetMethod" value="getPersons"/>
    </bean>

    My getPersons has ROLE_USER


    @Secured({"ROLE_USER"})
    public List<Person> getPersons() throws Exception {
    *********
    }

    when scheduler tries to access my metod it throws unauthorised exeception.How can I assign role to scheduler?

  • #2
    You are going to need to ensure that SecurityContextHolder.getContext().getAuthenticati on() returns an Authentication that isAuthenticated returns true and has the granted authority of ROLE_USER. You can do this by calling SecurityContextHolder.getContext().setAuthenticati on prior to invoking this method. Ensure that after you are done that you clean up by calling SecurityContextHolder.clearContext(). One way of doing this is to wrap your object with something sets up and tears down your context. You would then use MethodInvokingJobDetailFactoryBean to call the wrapped object instead. For example:

    Code:
    public class SecurityAwareGetPersons {
      private Person p;
      private Authentication a;
      public SecurityAwareGetPersons(Person p, Authentication a) {
        this.p = p;
        this.a = a;
      }
      public List<Person> getPersons() {
        SecurityContextHolder.getContext().setAuthentication(a);
        try {
          return p.getPersons();
        } finally { 
          SecurityContextHolder.clearContext();
        }
      }
    }
    Naturally you can make it a bit more reusable by using reflection instead of directly calling Person.getPersons(), but this should give you an idea.

    Comment

    Working...
    X