Stack Overflow
Stack Overflow

Questions tagged [spring-security-acl]

83 questions
0
votes
1 answer

MutableAcl.createAcl() with custom UserDetailsService

I am currently trying to implement Spring's ACLs into my existing application. Sadly i am stuck at a specific point which seems to be caused by my UserDetailsService. The problem/error is the following when i call the createAcl() function of the…
puelo
  • 5,464
  • 2
  • 34
  • 62
0
votes
1 answer

Spring Security ACL customize default access to subject

Using spring ACL I can configure permissions for some actions on subject. My application requires customization of access rights to a subject very rarely. So i do not want fill ACL for default dependency, but need special instruction if ACL is…
Sergii
  • 7,044
  • 14
  • 58
  • 116
0
votes
1 answer

Spring Security ACL Heirarchy

I have worked with Spring Security Role based security but am new to Spring Security ACL. I need to use Spring security to implement ACL on object hierarchies. Like I have a company which has different branches, there are multiple departments in…
Shahzad
  • 508
  • 7
  • 16
0
votes
1 answer

Why @PostFilter don't work sometimes in Spring Security service?

I'm using spring security in my project. I have a service as follow: public interface A { @PostFilter("hasPermission(filterObject, 'read')") List method1(); @PostFilter("hasPermission(filterObject, 'read')") List
Morteza Malvandi
  • 1,656
  • 7
  • 30
  • 73
0
votes
1 answer

Spring Security 4 ACL - User Creation and DB Configuration

I am in the process of implementing Spring Security into an existing application, which creates users, assigns roles and et al via a web portal. In the process of finding the best suited security for the web services and portal, I am deeply…
aksappy
  • 3,400
  • 3
  • 23
  • 49
0
votes
0 answers

DefaultWebSecurityExpressionHandler is always used

I have a spring-boot web application that declares some security through this class: @Configuration @EnableWebSecurity @Order(Ordered.LOWEST_PRECEDENCE - 50) // needs to be after SpringBootAuthenticationConfigurerAdapter to register default in…
Petar Tahchiev
  • 4,336
  • 4
  • 35
  • 48
0
votes
2 answers

How to implement ACL spring security to share an object among group of users without creating many entries in ACL_Entry table

Similar to the problem mentioned as below How to implement ACL at a group level? E.g. only teachers in school A can update school A's calendar I am trying to solve below scenario Using acl spring security We got a scenario to share the …
anu
  • 31
  • 6
0
votes
0 answers

SecurityContextHolder.getContext().getAuthenticated returns null when url is added to WebSecurity configuration

I am using Spring Security in my application and I have a REST API exposed. The API authenticates the user who is trying to access the API and also I am using Spring's ACL implementation(placed as annotations PreAuthorize, PostAuthorize etc). The…
Syed Waqas
  • 2,576
  • 4
  • 29
  • 36
0
votes
1 answer

Spring Security Custom Login Error (on submit login processing url is not invoked)

I am new to spring. I am in a need of creating a login module using spring security, while using a custom login page on submit of the form nothing happens and when I was debugging it I found that I was getting a error code 400 even though I was…
ashish singh
  • 1
0
votes
1 answer

how to prevent a logged in user to edit another using Spring Security ACL in Grails?

I own the role student in my Spring Security Core. The role student can edit your information. But if he wants to edit another user's information that's also possible. @Secured(['ROLE_ADMIN','ROLE_STUDENT']) @PreAuthorize('isAuthenticated() and…
Gleydson S. Tavares
  • 589
  • 7
  • 20
0
votes
1 answer

Spring Security ACL - Allow Users to 'read' one field from the Domain class

I'm very new to the Spring Security Framework and I have a little problem here to solve. I've already managed to use the @PreAuthorized("hasPermission('#person', Permission) annotation for service and controller methods. This works fine for me, but…
Dennis Bukowski
  • 35
  • 2
  • 6
0
votes
2 answers

implement acl on field in spring security

I would like implement spring acl for my object fields. does anyone has an idea what do i have to implment for it? for example, i have Purchase object. i would like admin_role to have read on all the fields, and secretary_role to have read only on…
Dejell
  • 13,947
  • 40
  • 146
  • 229
0
votes
1 answer

Spring securtiy Acl throwing nullpointer on addPermission

I am using Springsecurity-ACL-2.0-RC1 and webflow 2.0.8.1 So when calling my Service to addPermission via: service.addPermission(domainobject, username, permission) which basically is: void addPermission(def domainobject, String username, …
Simon Schrottner
  • 4,146
  • 1
  • 24
  • 36
0
votes
2 answers

Need suggestions on security design for a web application

i'm designing a security module for a web application using spring security . There are 3 separate wars(3 Apps)using separate login, deployed in a JBOSS Server. The requirement is , If the user is authenticated in one app then he should be able to…
Sampathkumar
  • 28
  • 7
1 2 3 4
5
6