Stack Overflow
Stack Overflow

Questions tagged [spring-security-acl]

83 questions
3
votes
0 answers

Spring Security ACL & OAuth: AclPermissionEvaluator overwritten by DenyAllEvaluator

So I have a SpringBoot application with JavaConfig using spring-security-acl (version 3.2.7.RELEASE) following this tutorial http://krams915.blogspot.com/2011/01/spring-security-3-full-acl-tutorial.html except I'm also using OAuth. The problem is…
Judes Tumuhairwe
  • 103
  • 6
3
votes
1 answer

How to implement Spring Security @PostFilter for different types when using OAuth

I am using Spring Boot, Spring Security Oauth and Spring Security in my project, which is a REST server that returns ResponseEntity<> from it's controller methods. Now when I add @PostFilter annotation to a controller method that returns…
JIMI
  • 439
  • 2
  • 8
3
votes
0 answers

How does spring-security clear cache from AclPermissionCacheOptimizer

We are using AclPermissionCacheOptimizer for caching the authorised objects for sids in spring-security-core-3.1.3 version. Now whenever we give access to new sid for a cached object, AclPermissionCacheOptimizer does not have the new sid for the…
user3817430
  • 33
  • 1
  • 3
3
votes
1 answer

Grant permission to existing object identities with Spring Security ACL

I'm using the Spring Security ACL implementation and am wondering what's the best way of granting a new permission to a role/user (security identity - SID) for existing object identities. For example, let's say I have the following (I'm mostly…
JWK
  • 670
  • 2
  • 6
  • 16
2
votes
2 answers

Spring ACL questions

I am using the new Spring Security 3.1 and have a few questions to Spring Security ACL. So let's say I have an object and want to define an ACL for it. I create an ACL Entry and want to asign it to a group of users; not a role…
user878385
  • 43
  • 5
2
votes
0 answers

Add role in jhipster used keycloak

I used in my application oauth2 with the server keycloak, so i want know how can I add role .i folowed multi-tutoriel but it's not worked . The file that I modified to add the role: AuthoritiesConstants.java …
hejer
  • 53
  • 8
2
votes
2 answers

Spring Boot with AclPermissionEvaluator resulting in IllegalStateException: No ServletContext set

Hello experts, I'm currently learning Spring Boot and I want to use it with Spring Security ACL. Following the documentation of Spring Security and a tutorial on Baeldung.com, I think I got an understanding about what is needed. I also looked into…
moritzrupp
  • 833
  • 2
  • 9
  • 11
2
votes
1 answer

Including Domain Object Security @PostFilter in Spring Data repositories Pageable endpoints

In my project I use Spring-Data, Spring-Data-Rest and Spring-Security. What I need to accomplish is to implement domain object security (ACL) over these repositories. Specificaly @PostFilter over Pageable.findAll() method. Method level security is…
JIMI
  • 439
  • 2
  • 8
2
votes
1 answer

Spring Security - ACL readAclsById not filtering by SIDs

I'm trying to use Spring Security's readAclsById method in JdbcMutableAclService to retrieve ACLs that are filtered by the SIDs. However, ACLs that are not applicable to the passed-in SIDs are returned. I'm creating the ACL entry using the…
Dyip302
  • 197
  • 1
  • 11
2
votes
1 answer

spring security acl id

i am trying to implement spring security ACL but it is complaining that my object don't have id property java.lang.NoSuchMethodException: org.springframework.security.acls.domain.ObjectIdentityImpl.getId() at…
Shahbour
  • 1,323
  • 1
  • 16
  • 42
2
votes
0 answers

How to implement RunAs in spring security acl

I want to get a user to RunAs another role (that's an admin role: ROLE_USER_ADMIN) to change the privileges in an object owned by another user. Create a Role with an authority 'ROLE_RUN_AS_USERADMIN' enable RunAs in config.groovy…
user1188114
  • 21
  • 5
2
votes
2 answers

Spring Security Acl Level Class Permission

Does Spring Security Acl support class-level permissions? For example, let's suppose I have an Asset class, and I want to allow read permissions to all instances of the Asset class to any user with role ROLE_USER. As long as I could see,…
Nedo
  • 627
  • 1
  • 10
  • 20
2
votes
1 answer

Spring Security ACL on App Engine Datastore

We are using Spring Security ACL infrastructure in conjuction with App Engine Datastore. We do not use low-level Datastore API but rather we use Objectify framework to access Datatstore. We need to transform Spring Security ACL model (suitable for…
Nathan
  • 141
  • 9
1
vote
1 answer

Is Spring Security ACL supposed to be usable with WebSecurityExpressionHandler?

I followed this guide to set up security using ACLs, which works fine. After that i also tried to implement ACLs in WebSecurityConfigurerAdapter. So i set up a bean which would create a DefaultWebSecurityExpressionHandler: @Bean public…
M364M4N cro
  • 680
  • 2
  • 10
  • 23
1
vote
1 answer

Spring ACL Voters configuration

So I have tried to implement a simple ACL example in my project and everything works as it should. I have the following configuration:
user878385
  • 43
  • 5
1
2
3 4 5 6