authorization

In Spring Security we use the intercept-url tag to define the access for URLs as below: <intercept-url pattern="/**" access="ROLE_ADMIN" /> <intercept-url pattern="/student" access="ROLE_STUDENT" /> This is hard coded in applicationContext-security.xml . I want to read the access values from a database table instead. I have defined my own UserDetailsService and I read the roles for the logged in user from the database. How do I assign these roles to the URL patterns during runtime? The FilterInvocationSecurityMetadataSourceParser class in Spring-security (try Ctrl/Cmd+Shift+T in STS with the

I have set up a repository using SVN and uploaded projects. There are multiple users working on these projects. But, not everyone requires access to all projects. I want to set up user permissions for each project. How can I achieve this? Stephen Bailey In your svn\repos\YourRepo\conf folder you will find two files, authz and passwd . These are the two you need to adjust. In the passwd file you need to add some usernames and passwords. I assume you have already done this since you have people using it: [users] User1=password1 User2=password2 Then you want to assign permissions accordingly with

I have a controller in ASP.NET MVC that I've restricted to the admin role: [Authorize(Roles = "Admin")] public class TestController : Controller { ... If a user who is not in the Admin role navigates to this controller they are greeted with a blank screen. What I would like to do is redirect them to View that says "you need to be in the Admin role to be able to access this resource." One way of doing this that I've thought of is to have a check in each action method on IsUserInRole() and if not in role then return this informational view. However, I'd have to put that in each Action which

I am having problem with PHP curl request with basic authorization. Here is the command line curl: curl -H "Accept: application/product+xml" "https://{id}:{api_key}@api.domain.com/products?limit=1&offset=0" I have tried by setting curl header in following ways but it's not working Authorization: Basic id:api_key or Authorization: Basic {id}:{api_key} I get the response "authentication parameter in the request are missing or invalid" but I have used proper id and api_key which is working in command line curl (I tested) Please help me. Suhel Meman Try the following code : $username='ABC';