Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

global-method-security in spring roo and @ PreAuthorized

 
Luis Parente
Ranch Hand
Posts: 39
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,


After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?

I have an amazing side effect if I put the @ PreAuthorized in a method of my controller (createFrom), while the css disappears.

If you have ever had this problem thank you kindly tell me how to solve.

(sorry for my bad English)

Thanks!

 
Luis Parente
Ranch Hand
Posts: 39
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK

I forgot

But now I do handle the exception:




thanks
 
Bill Gorder
Bartender
Posts: 1682
7
Android IntelliJ IDE Linux Mac OS X Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Luis Parente wrote:
After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?


Yes, typically but if you are going to annotate your controllers, you have to either do that or the only other option is to move the below to your application context.



This would in essence scope your controllers to your root context.

In any event where is that exception being thrown? What is the complete stack trace? Do you have an access-denied-page configured?

If you need more granular control you can have a look at Exception Translation Filter
 
Luis Parente
Ranch Hand
Posts: 39
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi thanks one again more


well, at the moment I have the following:


In webmvc_config.xml






In applicationContext-security.xml






In AccessDeniedHandlerApp.java



and in AccessDeniedController.java




and views.xml I have added



Its 'do anything... and the

throws the exeption: this is the full stack trace:





thanks.







 
Bill Gorder
Bartender
Posts: 1682
7
Android IntelliJ IDE Linux Mac OS X Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A full stack trace would typically start out with something like

org.springframework.security.access.AccessDeniedException: Access is denied

I assume it is an access denied exception. If you are not seeing that make sure your log is not getting truncated. If you are using STS right click in the console and go to preferences, there unclick the limit console output checkbox.


Have you tried setting a break point in your handle(...) method? You should be hitting it.

One possibility if you are hitting that breakpoint is that you have forgotten to set intercept URL's for your /securityAccessDenied. This would cause another exception to get thrown.





 
Luis Parente
Ranch Hand
Posts: 39
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,


It's doesn't work for me.....

I have read this explanation:

http://www.binrand.com/post/2742783-bean-access-prevent-method-call-without-exception-using-preauthorize.html, but I think is a little complicated.

Thanks in advance.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic