  • Fetch custom authorities from database by operation name

    Originally posted here.

    I need to make a legacy application start using spring security 3.
    This app already has its security data model. The following diagram illustrates:
    http://i.imgur.com/E7EWS.png

    Very simple by far. I can write my custom usersByUsernameQuery and authoritiesByUsernameQuery.

    The thing is that there is another table indicating the operation (i.e. @Service layer method) that a Role can execute:

    http://i.imgur.com/r4POq.png

    So the administrator can enable/disable a role from accessing an operation through a web interface, without redeploying the app.

    I don't want (for now) to end up creating my own annotation. Unless it is not possible with what we have out of the box.

    I still can annotate the business methods with @Secured("ROLE_ADMIN") for example, but my custom UserDetailsService must know at least the method name that is being secured, so I can perform the right query. Is there any way?

  • #2
    I'm not sure I understand what you are trying to do, but it sounds a bit like ACLs. See the contacts sample application for an example of using permissions/acls.


    • #3
      Originally posted by rwinch
      I'm not sure I understand what you are trying to do, but it sounds a bit like ACLs. See the contacts sample application for an example of using permissions/acls.
      It sounds a bit like ACLs indeed. But I've already implemented some security backgrounds that use ACLs and I can say that ACLs are really too fine-grained for this case.
      What I've ended up doing was treating the Operation table like it was a Roles table. Some tweaks in the default SQL queries and it works well. Soon I'll detail here what was done.
