1

I am working on a method of applying row level security to a spring data application transparently. I would like to use hibernate filters to accomplish this, but I am unable to get the aop pointcuts to intercept where spring data opens the session. What is the appropriate pointcut needed or is there a better approach to row level security that I can explore?

Ps: I need the security filtering to occur before the query to not affect paging and sorting of the data returned.

Thanks

Tristan C Hanson
  • 11
  • 3
  • Great solution! If you could add an answer to this question with an example of your interceptor and a small use case I would be much obliged and it would certainly be helpful for future visitors. – NikolaB Feb 11 '16 at 17:43
  • https://stackoverflow.com/a/32230857/320761 – Lukasz Frankowski Jun 16 '18 at 14:21

1 Answers1

0

I think the better approach would be to use Spring Security ACL. It's a little bit complex when you implement it for the first time, but it's the right way to do this.

Check out: http://grzegorzborkowski.blogspot.hr/2008/10/spring-security-acl-very-basic-tutorial.html

For database filtering you will have to write Specifications and use them in criteria queries.

NikolaB
  • 4,706
  • 3
  • 30
  • 38