This should be an easy question. How do I set up roles or groups that can have a dynamically changing list of permissions associated with them for authorisation purposes?
The Users want to be able...
Type: Posts; User: yellek; Keyword(s):
Dynamic Roles
This should be an easy question. How do I set up roles or groups that can have a dynamically changing list of permissions associated with them for authorisation purposes?
The Users want to be able...
Here is my code
I came up with the following. I'm not sure it is the best implementation but it works for me. ClassUtils refers to the code i referenced above.
/**
* This method is a copy of...
Better to Use a Struts 2 Interceptor
After thinking about it for a while I tried another route: allow the user to log on and then catch unverified users using a struts2 interceptor. It turned out to be a lot less code and a nice clean...
I am using namespace configuration which creates...
I am using namespace configuration which creates a DaoAuthenticationProvider. My UserDetailsService implementation is using a JPA DAO. I can create a user in the not enabled state. The issue comes...
I was afraid of that, looks like I will have to...
I was afraid of that, looks like I will have to bite the bullet and implement a custom authenticator. I was hoping that this pattern was common enough to be supported by the normal framework.
I'm curious how you handle the issue of a user...
I'm curious how you handle the issue of a user attempting to login before the confirmation has been performed. How do you detect and process this?
I'm interested in how you did this. I'm thinking...
I'm interested in how you did this. I'm thinking that after step 1 the user exists in the database and therefore someone could log in as them even without email confirmation. If someone tries to log...
AbstractAclVoter incorrectly determines the type of generic arguments
In AbstractAclVoter in the getDomainObjectInstance method there is the following line used to get the type of the reflected method arguments:
params =...
Also seen with AclEntryVoter
I am also seeing the
"AccessDecisionManager does not support secure object class: class org.springframework.security.intercept.web.FilterInvocation"
error replacing the http provided...
Bean becomes singleton after adding sec:intercept-methods tag
I have a struts2 controller bean that is defined thus:
<bean id="postingController" scope="prototype" class="com.Yasna.iclassified.posting.PostingController">
<property...
And a simple solution...
You need spring-security-core-tiger-2.0.4.jar in your classpath for annotations <blush>. Perhaps the name of this jar could be changed to something a little more descriptive?
I can't remember...
Cannot locate 'org.springframework.security.annotation.Jsr250Met hodDefinitionSource'
I get an exception with a basic Spring Security app when I enable global-method-security. I am using a Tomcat 6 runtime from an Eclipse 3.4 project (no Spring IDE), Spring 2.5.6 and Spring Security...