authorization

I have a controller that has many actions and it specifies a default class-level @PreAuthorize annotation, but one of the actions I want to let anyone in (the "show" action). @RequestMapping("/show/{pressReleaseId}") @PreAuthorize("permitAll") public ModelAndView show(@PathVariable long pressReleaseId) { ModelAndView modelAndView = new ModelAndView(view("show")); modelAndView.addObject("pressRelease", sysAdminService.findPressRelease(pressReleaseId)); return modelAndView; } Unfortunately, Spring Security throws this exception: org.springframework.security.authentication

The authorize filter allows you to specified group of users that can access a controller or action: [Authorize(Roles="Administrator")] public class HomeController : Controller { // code } I would like to know if it is possible to, instead, specify a group of users that cannot access a controller or action. I tried creating my own AuthorizationAttribute after twk's suggestion: public class Restrict : AuthorizeAttribute { private readonly string _role; public Restrict(string role) { _role = role; } protected override bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null)

I create a wcf service as you can see : [OperationContract] [PrincipalPermission(SecurityAction.Demand, Role = "Admin")] [WebInvoke(Method = "GET", UriTemplate = "/Data/{data}")] string GetData(string data); So I create a custom authorize as you can see : public class AuthorizationPolicy : IAuthorizationPolicy { string id = Guid.NewGuid().ToString(); public string Id { get { return this.id; } } public System.IdentityModel.Claims.ClaimSet Issuer { get { return System.IdentityModel.Claims.ClaimSet.System; } } // this method gets called after the authentication stage public bool Evaluate

I'm using SignalR to process clicks from the client on my MVC3 application. Every time a user clicks something, I need to verify the logged in user. If this were inside an MVC3 controller, I would go: if (User.Identity.IsAuthenticated) { string username = User.Identity.Name; //My code here. } However, this code execution is not inside a Controller class. Basically, how can I access the logged in users name from outside a controller? Basically, how can I access the logged in users name from outside a controller? It depends from where you want to access them. If you don't have access to an

I'm using Microsoft Visual Studio to make a simple remote task manager for experience purposes. I want to use Process.GetProcesses(string); but there is an access denied exception that won't allow me to get the remote computer process. In fact it is normal because we should authenticate using a user name and password, but how ? You may try to use WMI for this purpose /// using System.Management; // don't forget! in VS you may have to add a new reference to this DLL ConnectionOptions op = new ConnectionOptions(); op.Username = "REMOTE_USER"; op.Password = "REMOTE_PASSWORD"; ManagementScope sc =

I am currently hard coding the authorized roles in the filter in my MVC applications like so: [Authorize(Roles = "Administrator,Manager")] I'd like to eventually have a way to map the roles to each controller, so that the site admin can handle assigning what roles can perform each set of actions. string roles = DoSomethingToGetAllowableRoles(controllerName); [Authorize(Roles = roles)] I'm imagining that I need to have a database table that somehow keeps a listing of each controller, and then another table mapping the controllers to the roles. What I'd like is a page where I can list out each

I have followed the instructions in https://developers.google.com/bigquery/authorization#service-accounts-appengine to make some queries from app engine to bigquery. In the step 2, I click on Team in Google Api Console and it redirects to App Engine > Administration > Permissions. I add the service account name as Email and as a role I select developer (the option "can edit" is not available), and then click "Invite user". After that, appears a message: "An email was sent to xxxxxx@appspot.gserviceaccount.com for verification." and the status is Pending. How I could confirm the email?, seems

I have my JMX server which registers beans reading from local file and make them available to other JMX clients on demand. Server can be accessed either using "jconsole" or by Java app running under Tomcat container. What i want is to add authentication in order to prevent "unknown" identity accessing JMX Server. To achieve this i have added Kerberos authentication @ server using following JVM options -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.ssl=false -Djava.security.auth.login