JAAS and Spring Integration

Asked Sep 23 '15 at 16:30

Active Sep 23 '15 at 16:39

Viewed 110 times

I have a Dynamic Web Project with JAAS, it has a LoginModule.

Now, I have a ROLE and I give to it a privileges like this:

 <security-constraint>
<display-name>PRIVILEGES</display-name>
<web-resource-collection>
  <web-resource-name>PRIVATE</web-resource-name>
  <url-pattern>/usuario/*</url-pattern>
  <url-pattern>/Data</url-pattern> <-- This is a Servlet. (JAAS Protect it)
  <url-pattern>/getEstudent</url-pattern> <-- RequestMapping from Spring.(JAAS does not protect it)
  <http-method>POST</http-method>
  <http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
  <role-name>USER1</role-name>
</auth-constraint>

I have integrated this with Spring. And I want to protect this url "getEstudiante". But the JAAS does not protect it.

How to do to protect a "requestmapping" from a Controller?, Thanks.

edited Sep 23 '15 at 16:39

asked Sep 23 '15 at 16:30

Joan Sanchez

1

How do you acess the URL /getEstudent? Can you post the entire URL? – Tiago Mussi Sep 29 '15 at 23:12
I've update the question @TiagoMussi – Joan Sanchez Oct 05 '15 at 14:58
So.. you access your page like this 'localhost/getEstudent'? @JoanSanchez – Tiago Mussi Oct 05 '15 at 17:04
I have a Dynamic web project. The project name is "project" then the url is 'localhost/project/getEstudent' @TiagoMussi – Joan Sanchez Oct 05 '15 at 20:30
Can you post your entire web.xml? – Tiago Mussi Oct 05 '15 at 20:50
1

@JoanSanchez , I would like to make an addendum, if possible. I believe that [my answer](http://stackoverflow.com/a/43220700/3542189) may help in understanding your answer. Conceptually saying. – pss1suporte Apr 05 '17 at 02:24
@pss1suporte I have resolved my problem. I only was write correctly url. – Joan Sanchez Apr 17 '17 at 14:05

JAAS and Spring Integration

0 Answers0