Results 1 to 2 of 2

Thread: Custom PermissionEvaluator and other issues

  1. Dec 7th, 2011, 11:13 PM #1
    arnab
    arnab is offline Junior Member
    Join Date
    May 2011
    Posts
    2

    Default Custom PermissionEvaluator and other issues

    Hi, I am new to Spring and Spring Security. Can somebody please help out with the issue below?

    I have implemented a custom PermissionEvaluator by implementing hasPermission(Authentication authentication, Object targetDomainObject, Object permission). It is not using ACL and internally uses our own data security model. Everything is working as expected. However, I am not sure how to make the overloaded method work:

    hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission)

    I initially thought I could use this in scenarios as mentioned in documentation - i.e. when the object is not loaded, but there is enough information about the type and the primary key - but I could not make it work using Expression Language. Is it possible to hook this implementation to some kind of EL based-check that takes in an object type and identifier? I want to use it the same way as the other hasPermission method - to protect methods using PreAuthorize EL expression.

    Thanks a lot,
    Arnab.
    Reply With Quote Reply With Quote
  2. Dec 8th, 2011, 12:21 PM #2
    arnab
    arnab is offline Junior Member
    Join Date
    May 2011
    Posts
    2

    Default Resolved

    My bad. This is resolved now... I was using a wrong EL. It does work if the EL has the additional parameters passed on correctly in hasPermission.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules