We've licensed a commercial product (product not important in this context), which is limited by the number of concurrent users. Users access this product by going through a Spring Controller.
We ... |
I recently moved from the JSecurity plugin to Spring Security. How do I get the authenticated user from within my controllers?
|
I have a custom-authentication-provider defined in my Spring Security configuration. This class implements AuthenticationProvider, and I can successfully log in using the form defined on my page. The issue is ... |
I'm using spring security, and I need to get the User domain object in a controller.
If I call SpringSecurityService.getPrincipal(), I get back an object of type org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser. However, what I'm ... |
I have a web app running Spring 3.0 and using Spring-MVC. I have a few controllers set up like this:
@Controller
@RequestMapping("/admin")
@SessionAttributes({"clientLogin", "selectTab", "user", "redirectUrl"})
public class AdminController {
...
}
@Controller
@SessionAttributes({"clientLogin", "selectTab", "user", "redirectUrl"})
public class PublicController ...
|
I am trying to add authentication support to my Spring 3.0 web application but nothing from http:basic to more elaborate authentication is working. the examples provided in Spring documentation do not ... |
I have been using Spring MVC for a short while now with annotated controllers for JSP pages. I have a class similar to this:
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
@Controller
public class AdminController {
...
|
|
I'm trying to login a user from a controller after the signup. My code in the controller is:
...
User user = new User();
BeanUtils.copyProperties(userVO, user);
userService.save(user);
List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
grantedAuthorities.add(new GrantedAuthorityImpl("USER"));
UsernamePasswordAuthenticationToken uat = new ...
|
I am using Spring Security + MVC.
The annotation @Secured({ "ROLE_ADMIN" }) works fine only in the controller layer.
If I try to use it in deeper/other layers, I get no security error.
Or ...
|
I'm wondering what is good approach to secure handler method in Spring MVC controller. Now i use @Secured annotation, that ensure that some method may be accessed by logged user only. ... |
Example:
class CommonController {
@ModelAttribute("refs")
public List getRef() {
...
}
@ModelAttribute("refs2")
public List getRef2() {
...
}
}
class MyController extends CommonController {
@RequestMapping("/my")
public String request() {
return "/my";
}
}
The ModelAttribute objects will be ... |
If login.jsp posts to /login/submit:
<form action="/login/submit" method="post">
and the applicationContext.xml defines a form-login element:
<form-login login-page="/login" login-processing-url="/login/submit" authentication-failure-url="/login/error" />
How do I do some additional handling in a corresponding controller method:
@RequestMapping(value ...
|
In Spring 3, is there a method that accepts a comma-separated list of permissions and returns a Boolean of whether the logged in user has any of those permissions? I ... |
In Struts , we can access the 'getter' methods and member variables of an Action class in the corresponding view JSP , using <S:..> tags . How this works ?
Is there ... |
For web MVC I need at least two configs: dispatcher-servlet.xml and applicationContext.xml. I use the following filter for security:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
...
|
I have USER, ROLE and USER_ROLE tables and a bunch Spring controllers ... is there an Spring annotation I can add to the controller methods that will specify the role(s) a ... |
User's authority is frequently changed in my web service.
In this case, how do I check user's authority effectively?
I wrote code that check user's authority in every controller temporarily.
But I think this ... |
I would like to restrict access only for ROLE_ADMIN users to all controllers introduced by the Spring Security UI plugin in grails. (I am using grails 1.3.7, plugins.spring-security-core=1.1.3 and plugins.spring-security-ui=0.1.2)
I can ... |
I use Spring and Spring Security 3 at my application. All my clients side are static HTML files. I have a navigation bar that includes buttons like:
When a user clicks ... |
This is a rather weird problem and I been at it for a while so I am going nuts.
I have a controller extending another controller so I can have multiple controllers ... |
I am new to spring framework and hibernate. I want to Access Two Controllers in same view. Here is my Dispatcher Servlet code.
<bean name="/EditTask.htm"
class="HumanResource.FindTaskController"
...
|
I am stuck with access 2 services methods from one controller. I want to create a Task but same time I want to create new Role and assign its auto increment ... |
In spring security version 3.0.6, which fixed a CRLF logout exploit (https://jira.springsource.org/browse/SEC-1790) they disabled the use of the 'spring-security-redirect' parameter.
Default support for the redirect parameter in ... |
I have attempted to implement the solutions provided in this question.
However, none of them are working for me. In my abstract base controller, I have the following method (I also ... |
I am using spring-security-oauth2 jar file. During the oauth verification process it makes a call to "/oauth/token" and hence the method. I want to modify the method..
Is it possible if ... |
I have applied below code, but it was not working, can any one please give me some solution for this.Thanks.
Controller method:
@Controller
public class UserController {
@Secured("ROLE_USER")
@RequestMapping(value="user/{userName}", method=RequestMethod.GET)
public ...
|
I have a web application secured with spring security (Spring 3.1.0). Now if a customer wants to register to my service, Spring Security say "No". This makes sense because the user ... |
I have very similar spring-security beans configuation to this example. The @Secured annotation on controller's methods only function properly if it is on a method of a class that ... |
Securing the scaffold'ed Controllers I have some auto-generated scaffold Controllers and some custom Controllers, one called "admin" and one called "public". I would like to have the admin and scaffold controllers ... |
Feb 9th, 2011, 04:24 AM #1 [email protected] View Profile View Forum Posts Private Message Junior Member Join Date Feb 2011 Location Nagpur Posts 1 Unable to find controller while enabling spring ... |
How to access context param in Controller Hi! I am creating an online examination application, and I need to create a cheat mode wherein when enabled will allow me to view ... |
How to secure just some of the scaffolded controller methods Hi, this is my problem : suppose we have a RooScaffoldController suppose we have ROLE_USER and ROLE_ADMIN users what I'd like ... |
Method Security\Controller with custom permission evaluator Hi, I'm really a newb so I apologize if the question is out of place. I'm trying to get Method Security working with custom permission ... |
MVC Controller method security not working Hi, I am trying to secure my web controllers. I am using the non annotation based Spring MVC configuration. When i try to secure my ... |
@Secured ("ROLE_ADMIN") not working for me in my controller... ...but it is working in my service layer. It has to be something with my configuration but I can't seem to figure ... |
Is that possible to apply method level security for Spring @MVC controllers ? Controller method: Code: @Controller public class UserController { @Secured("ROLE_USER") @RequestMapping(value="user/{userName}", method=RequestMethod.GET) public @ResponseBody User getAvailability(@PathVariable String userName, HttpServletResponse ... |
How to receive large user activity log data from UI to spring controller method I need to send large user activity log data(this data is a multi line strings) from UI ... |
Hi, If I have a form controller that extends SimpleFormController and it is easy for me to get localized messages in the following way. getMessageSourceAccessor().getMessage("user.saved" , new Object[] {user.getFirstName() + ' ... |
Hello, Any tricks to access to a session variable from controller. I have a e-shop application and want to use session object "shop" on the page updating product information. Thanks for ... |
I have know who is logged in the passage from a page to another in the controller or in the form controller. What can I do? Can I get him from ... |
How can I get username in the spring MVC Controller? Now I am using acegi security, but the spring MVC controller could not get the correct username. Login.jsp |
Hi, I'm trying to find out how it is possible to start the Acegi authentication procedure from within my mvc controller (jsf). I'm trying to call httpSessionContextIntegrationFilter.doFilter(req, resp, chain) or entryPoint.commence(req, ... |
mvc.Controller access to Message (with EL) from MessageSource Hello, I am trying to access a message inside a controller. However, the message contains EL referencing another message. Does anyone know of ... |
I need to access a bean defined in the DefaultListableBeanFactory from a Controller, but can't see how it can get done. Any hint? -------------------------------- Never mind about this question. |
Accessing username and role from within Spring controllers Hi everyone, I'm fairly new to Acegi-Security. I implemented the security framework with my Spring application. I wonder how to access the username ... |
Feb 16th, 2007, 05:09 PM #1 mickknutson View Profile View Forum Posts Private Message Visit Homepage Senior Member Join Date Jun 2005 Location Philly Posts 199 Issues with JSF and Acegi ... |
Aceg Security, Spring MVC Controller Hi, I use Acegi Security and Spring MVC with success, but I plan to do a small improvement in my web application. Traditionally, authorized roles for ... |
Access the json-params via a controller I am trying to access the json-params via a controller but can't figure it out. I have a handler which creates a button like this... ... |
Hello, i use a SimpleFormController and command object to put data from a db to a jsp. This data represented by dropdown fields. Code: Attendance for: week: ... |
Losing info keyed by user between jsp and controller I posted this same issue int the spring web flow forum as well, not sure where it belongs. I am currently working ... |
How to mock acegi context for controller unit test Hi All, I have a controller class that calls the following method. SecurityContextHolder.getContext().getAuthenticati on(); I then extract the principal and pass that ... |
Is there a way to have access to the bean name if the Controller? ex: In the class controller I want to have access to the bean name ... |
Most efficient way to add new data access to every controller? Hi folks, I'm in the process of internationalizing a product with a hundred or so controllers. I need to add ... |
Checking if user is logged-in on all controllers Please help, I am new to spring and sometimes I get confused :-( What's the best way to force a user to be ... |
|
Spring security Looking at the way security is used in your code...I think what you guys are missing out is you have not used the capability to auto detect your classes ... |
Access Controller beans in action-servlet.xml in Listener Hello, I'm using AppFuse example code. I can't understand, how I can access in StartUpListener class controller beans defined in action-servlet.xml. Here is StartupListener: ... |
I am trying to apply @Secured annotations to my controller methods, but it does not seem to be working. Is there something that I am doing wrong? I have my spring ... |
controller scaffold --name ~.web.MyEntityController --entity ~.model.MyEntity --path admin/myentity controller scaffold --name ~.web.MyOtherEntityController --entity ~.model.MyOtherEntity --path /admin/myotherentity/ |
Greetings. My task is to get a username (currently logged in user) and pass it to a controller as an HTTP parameter. I don't really know how to do it, so ... |
@Controller and @ModelAttribute("user") Currently I use this method in each controller to retrieve current user for each page: @ModelAttribute("user") public User user(){ return userService.getCurrentUser(); } I'd like to integrate it into ... |
Hi all, I have an ApplicationListener which detects failed logins and logs them to my database. I am using Acegi security to login. Therefore all data submission are done to j_security_check ... |
access denied handler does not work for controller I have a controller method annotated as this: Code: @RequestMapping(value={"/failed403"},method=RequestMethod.GET) public String render403Page(HttpServletRequest request,HttpSession session,Model model) { return "denied"; } Here is my ... |
Pass user input between two Controllers and display user input after submit Pass user input between two Controllers and display user input after submit The displayHw.jsp and displayHwController handles the user ... |
Hi guys, i planned to use spring security in my spring application. i have tried the method security expression authorization in service object method and DAO object method, it works fine. ... |
Sending data between an authentication filter and a form controller Hi guys, I seem to be stuck with an interesting problem. I am currently writing a web app which has two ... |
Hi, I used acegi logout controller with spring. I used logout controler to update logout time @ DB on the time of logout. The code is working good on test environment. ... |
Sep 2nd, 2010, 10:01 PM #1 fikou-sama View Profile View Forum Posts Private Message Junior Member Join Date Jun 2010 Posts 6 NoSuchFieldError when trying to access a controller Hi, I'm ... |
Access to wildcard @RequestMapping path within controller Hi, I need to know the value of the wildcard match for a RequestMapping within a controller's method. I realize a PathVariable can be ... |
Automatic Authentication AFTER Registration in Controller What is the best way to Authenticate a user from inside a Registration controller so they don't have to log in after they register? I ... |
|
Issue with @Secured on annotated controller I'm using Spring 3.0.5 and Spring Security 3.0.3. I have an annotated controller class implementing a RESTful web service. The service is working fine until ... |
How to access finder method in controller explicitly I have added finder method to an entity class, and could access via dynamically round tripped views. However I want to access finder ... |
Retrieving customer info at Spring Security login before going to controller Hi, I've recently started learning Spring. My first, learning, app will be simple customer managemnt system for a friend. I ... |
Dec 4th, 2010, 09:50 AM #1 porkshire View Profile View Forum Posts Private Message Junior Member Join Date Dec 2010 Posts 2 Spring Security and controller mapping Hi. I have a ... |
|