This week's book giveaway is in the Reactive Progamming forum.
We're giving away four copies of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams and have Adam Davis on-line!
See this thread for details.
Win a copy of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams this week in the Reactive Progamming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Ganesh Patekar

global-method-security in spring roo and @ PreAuthorized

 
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,


After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?

I have an amazing side effect if I put the @ PreAuthorized in a method of my controller (createFrom), while the css disappears.

If you have ever had this problem thank you kindly tell me how to solve.

(sorry for my bad English)

Thanks!

 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK

I forgot

But now I do handle the exception:




thanks
 
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Luis Parente wrote:
After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?



Yes, typically but if you are going to annotate your controllers, you have to either do that or the only other option is to move the below to your application context.



This would in essence scope your controllers to your root context.

In any event where is that exception being thrown? What is the complete stack trace? Do you have an access-denied-page configured?

If you need more granular control you can have a look at Exception Translation Filter
 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi thanks one again more


well, at the moment I have the following:


In webmvc_config.xml






In applicationContext-security.xml






In AccessDeniedHandlerApp.java



and in AccessDeniedController.java




and views.xml I have added



Its 'do anything... and the

throws the exeption: this is the full stack trace:





thanks.







 
Bill Gorder
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A full stack trace would typically start out with something like

org.springframework.security.access.AccessDeniedException: Access is denied

I assume it is an access denied exception. If you are not seeing that make sure your log is not getting truncated. If you are using STS right click in the console and go to preferences, there unclick the limit console output checkbox.


Have you tried setting a break point in your handle(...) method? You should be hitting it.

One possibility if you are hitting that breakpoint is that you have forgotten to set intercept URL's for your /securityAccessDenied. This would cause another exception to get thrown.





 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,


It's doesn't work for me.....

I have read this explanation:

http://www.binrand.com/post/2742783-bean-access-prevent-method-call-without-exception-using-preauthorize.html, but I think is a little complicated.

Thanks in advance.
 
bacon. tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!