posted 11 years ago
0 down vote favorite
share [g+] share [fb] share [tw]
I am wondering how the PreAuthenticatedAuthenticationToken gets its authorities. I have a UserDetails implementation, but :
@Override
public Collection<GrantedAuthority> getAuthorities() {
return grantedAuthorities;
}
never gets called. This is important because Spring Security (3.1) is basically ignoring the fact that I am trying to limit this URL to a certain role. Without a role in the token, it is letting everything through. Using the UserDetailsByNameServiceWrapper doesn't work for me. Spring complains. I really could use some help. Thanks Eric
My UserDetails:
My context file:
</beans:beans>