Search:

I had issues last year getting that annotation to work with a Roo-generated app, but if you're using recent Spring releases (such as with a recent Roo) I think it should be fine. And if it works I...

No Roo-inspired way to do it that I know of, but you can modify your controller methods to obtain the current user (simply add "Authentication auth" to the controller method's signature and Spring...

I think that's how you do it. You can write a little helper js function to obtain an input field's id based on the field name, which will prevent some typo and portability headaches. Actually it...

Madkinder, depending on your project, you might be okay checking for an updated object in the db before allowing the merge. If the object in the db is fresher (has a higher version?) than the object...

I did something similar, and in order to allow converted properties to be trimmed to maxLength, I did something like this:

<spring:eval...

I think this is just how the JPA implementations work. You can edit the merge method of the entity to have it leave certain properties out of its update, or create your own "partialUpdate" method for...

It's not a plugin dependency, it's an external folder where I keep properties files I don't want to keep inside the war. The tomcat maven plugin doesn't provide a mechanism for adding external...

Sorry, it wouldn't be easy for me to test with mvn tomcat:run (I have an external directory I need on my classpath and I don't see a way to add it to the Maven Tomcat plugin configuration).

If it...

I don't remember. It might have been the comments in SEC-1232, or maybe some comments in these here Roo forums. I'd been following this subject for a while....

(It was some people in these forums...

Did you enable the security aspects in your pom?

http://forum.springsource.org/showpost.php?p=347440&postcount=3

(Look at step #2 - if you don't do that, Spring Security aspects won't be...

The request mappings are defined by the @RequestMapping annotations.

You should use both. @PreAuthorize and @Secured simply allow or deny access to annotated methods, they won't prompt for a login. That's the job of the intercept urls in the Spring Security...

acof, is it possible your intercept urls were not set up correctly at the time you were testing the annotations? I'd be surprised if the "@Secured" interceptor stepped in front of the general auth...

It's not a simple solution, but you can secure your controller methods with Spring Security annotations:


Add <global-method-security pre-post-annotations="enabled" mode="aspectj"/> to...

For reference, if you set mode="asject", I think you also have to enable it in the aspjectj-maven-plugin in pom.xml to get the security aspjects woven in at compile time:


<configuration>
...

This may help: https://jira.springsource.org/browse/ROO-1861

You can also try using the cssStyle attribute in the form:textarea tag.

<form:textarea id="_${sec_field}_id" ... cssStyle="width:400px;height:100px;"/>

Add mode="aspectj" to your global-method-security tag.

http://jira.springframework.org/browse/SEC-1232

I don't know if you can suppress it, but you can push in that method and use a finder that returns a relevant set of points instead of all points in your db. Or, push it in and have it return an...

Try the "transient" access modifier instead of the annotation. If your JPA provider has knowledge of "transient" modifier, you can remove the annotation.


private transient Date lastAccessed;

I think you can use the attributes "delete=false, update=false, create=false" on @RooWebScaffold.

Piotr, thanks for sharing, it does sound interesting, but probably a bit too complex for my particular case. My fallback position is to use a few aspectj pointcuts and my own logic.

Anyway I have...

I have the same thing in mind - in a Roo project, lots of methods that need securing don't have parameters (e.g., Contact.persist()).

Have you figured this out or confirmed that it's just not...

Dunno then.

But you can turn on logging to figure out just what sql is being executed. Do something like this in persistence.xml (at least if you are using Hibernate's JPA provider):

...

I'm not familiar with Roo reverse engineering, so this is a general response.

- Be careful about editing the .aj files, since Roo manages those itself.

- How did your old application load the...