Search:

When I define two beans namely b1 and b2 from class B, and define a bean from class A which expects a constructor arg from type B, I get expected non unique bean definition exception if I try to...

When I today downloaded 3.1.0.RELEASE, I realized that CasAuthenticationProvider makes use of statelessTicketCache. We had missed that point before. Therefore, our remember me token based solution...

Hi Spring Security Guys,

I am using Spring Security 3.1.0.RC3. We are making use of RememberMeServices mechanism in order not to create proxy tickets over and over again after first proxy...

Also @Configurable is unnecessary in this case

Have you looked at SwitchUserFilter?
http://static.springsource.org/spring-security/site/docs/3.0.x/apidocs/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.html

Well, I also had a similar problem of yours a few days ago. It is also possible to have your @Configurable instances not dependency injected because of interferences with other intergration tests...

I suspect from location of your persistence.xml "classpath:com/myclass/persistence.xml", did you try putting your persistence.xml under "classpath:/META-INF/persistence.xml". As far as I remember...

If your view technology is JSF then you need to configure RequestContextListener in your web.xml so that Spring could bind current thread to thread context. You can have a look at Spring API for it:...

We use WsSecurityInterceptor in a similar fashion. Basicly you configure XwsSecurityInterceptor with a CallbackHandler which extracts security headers from soap request and delegates authentication...

Can you check that your browser accepts cookies, because as far as i remember CAS stores authenticated token as a session cookie, and use it to identify if current request is already authenticated....

You need to add intercept-url definition to your http configuration in your beans configuration file like this;
<http>
<intercept-url pattern="/login.jsp" access="ROLE_ANONYMOUS"...

First of all, you need some way to differentiate the calls from different clients. The easiest way for this, i think is to add a request parameter like reportUrl?clientType=rcp.
Then you need to...

If web service project is a separate web application, then you certainly need to configure spring security context, i.e. DelegatingFilterProxy in your web.xml, and related beans in the...

It says that URL location written in welcome-file-list element should only be accessible with HTTPS connection. If your index.html is accessible with HTTP request, then your jsessionid will be sent...

You can have a look at Channel Security section of reference documentation (2.3.2. Adding HTTP/HTTPS Channel Security). You basicly say which URLs are required to be fetch using HTTPS or HTTP and...

You can implement a custom RoleVoter (simply extend existing RoleVoter class in Spring Security) which checks current Authentication object's assigned authorities against your "administrator" role....

your form need to submit to url: j_spring_security_check. If you use h:form then you won't be able to set action attribute of it. You need to use ordinary form html element for this.

When using FMPC, your service methods must be non-transactional, unless they are marked with readOnly=true. In addition, your JPA vendor must support FlushMode MANUAL.

Currently, Spring's...

I think, it's one of the exeptional cases to go with EJBs, sharing tx context in a distributed network environment. On the other hand your current app server might not have such feature as it is not...

IMHO, the action you need to take should be on client side only. In other words, you will need to develop a client side javascript which will make call to j_spring_security_check url via...

Spring Reference doc has good explanation of introductions with aspectj at section 6.2.5. I would go with your first option. Try to create an Auditable interface with related setters/getters of...

Some time ago, i had worked on this issue. You may find some useful information at this link: http://acegi-ext.sourceforge.net/ about how to use acegi in portlet environment. Liferay integration is a...

You can have a look at this blog entry: http://www.jroller.com/ksevindik/entry/audit_logging_at_service_level

I don't think there is a problem with this approach unless you create persistenceContext within this never everlasting flow. If you put


<persistence-context/>


xml element in your flow, it...

After a more detailed inspection, we saw that cleanup() method, in which borrowed connection is released as well, is expected to be called in three points in Hibernate's ConnectionManager class;...