May 6th, 2010, 08:47 PM
about Method Security Expressions in controller
i planned to use spring security in my spring application. i have tried the method security expression authorization in service object method and DAO object method, it works fine. But it is not working in controller method. so may i know whether the method security expression can be use in controller method? or i need to make some changes on my configuration file?
any reply will be deeply appreciate, thanks
May 6th, 2010, 10:50 PM
Typically, you will have trouble annotating concrete classes and are better off in almost all cases annotating interfaces instead. Since most [Spring MVC] controllers are concrete classes, you may find that you have trouble getting this to work. You're welcome to try and report back your experience, though!
Peter Mularien | Blog
Author, Spring Security 3 (Book) - Packt Publishing, Available in print and eBook form
SCJP 5, Oracle DBA
Any postings are my own opinion, and should not be attributed to my employer or clients.
May 7th, 2010, 01:20 AM
Hi, thank you very much for you reply.
actually i did try out for annotating controller, it does not work. but it is working fine in service interface and service implementation.
the reason i tried to annotate controller to control the use of the method in controller instead of service class is because the method inside the my service method is shared with other modules, so if i perform authorization check inside the service method, it will affect other module that using that service method.
so do you have any suggestion for me?
Thanks in advance...............