• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Knute Snortum
  • Bear Bibeault
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Tim Holloway

global-method-security in spring roo and @ PreAuthorized

 
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,


After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?

I have an amazing side effect if I put the @ PreAuthorized in a method of my controller (createFrom), while the css disappears.

If you have ever had this problem thank you kindly tell me how to solve.

(sorry for my bad English)

Thanks!

 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK

I forgot

But now I do handle the exception:




thanks
 
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Luis Parente wrote:
After read some documentation, I have put <global-method-security> tag in the webmvc-config.xml, but I think is better in applicationContext.xml, no?



Yes, typically but if you are going to annotate your controllers, you have to either do that or the only other option is to move the below to your application context.



This would in essence scope your controllers to your root context.

In any event where is that exception being thrown? What is the complete stack trace? Do you have an access-denied-page configured?

If you need more granular control you can have a look at Exception Translation Filter
 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi thanks one again more


well, at the moment I have the following:


In webmvc_config.xml






In applicationContext-security.xml






In AccessDeniedHandlerApp.java



and in AccessDeniedController.java




and views.xml I have added



Its 'do anything... and the

throws the exeption: this is the full stack trace:





thanks.







 
Bill Gorder
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A full stack trace would typically start out with something like

org.springframework.security.access.AccessDeniedException: Access is denied

I assume it is an access denied exception. If you are not seeing that make sure your log is not getting truncated. If you are using STS right click in the console and go to preferences, there unclick the limit console output checkbox.


Have you tried setting a break point in your handle(...) method? You should be hitting it.

One possibility if you are hitting that breakpoint is that you have forgotten to set intercept URL's for your /securityAccessDenied. This would cause another exception to get thrown.





 
Luis Parente
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,


It's doesn't work for me.....

I have read this explanation:

http://www.binrand.com/post/2742783-bean-access-prevent-method-call-without-exception-using-preauthorize.html, but I think is a little complicated.

Thanks in advance.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!