• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem with <security:intercept-url pattern=...>

 
Phoenix Kilimba
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Sirs et Madames,
AM trying to set up Spring Security for my application. To start with, I only want 2 types of user, and Admin who will have acces to everything, and a Data Clerk, who has limited access (access to pages specifically given through the security intercept url patterns). The following code excerpt shows how I have done this:



However for some reason when I log in as ROLE_USER I [i]always[i] get the http error:403 Access is Denied. Am i doing something wrong?

Thanks in advance, and let me know if this is not enough information.

 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
And ROLE_USER is how it is stored in your back end datasource for security, meaning your UserDetailService sets the GrantedAuthories as ROLE_USER. With ROLE_ as part of the role string, and all Caps?

Mark
 
Phoenix Kilimba
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mark Spritzler wrote:And ROLE_USER is how it is stored in your back end datasource for security, meaning your UserDetailService sets the GrantedAuthories as ROLE_USER. With ROLE_ as part of the role string, and all Caps?

Mark


Hello Mark,
It is inherited code so am not completely sure what you may be asking, but am posting details of my UserDetailService class, in the hope it helps. Let me know if it doesn't and you need more info



Thanks again
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic