roles

I want to use @PreAuthorize annotation on service methods with Spring Security. One of requirements is to use role-hierarchy. But by default it is not enabled. I found that in SecurityExpressionRoot class ("the base class for expression root objects") there is a property roleHierarchy. The class actually does use this property for methods like hasRole() and hasAnyRole() . I suppose that if I supply it with my own RoleHierarchy bean I will be able to use @PreAuthorize annotations with hierarchical roles. How can I inject my hierarchy bean into SecurityExpressionRoot ? For method security you

I am new to MVC, I looked through similar posts on stack, but they did'nt seem to help my problem. I have two roles Admin and User. When a person logs in, I want the layout to change based on whether the person had Admin privileges or User Privileges. My Admin Layout is _Layout.cshtml My User Layout is _LayoutUser.cshtml Is there something in my Login Controller that I can put which will change the layout based on the role of the User? The role of the user is specified in the Login table. id LoginStudentNumber LoginPassword Role 1 123456 123456 Admin 2 234567 234567 Admin 3 345678 345678 User

EDIT - Rewrote my original question to give a bit more information Background info At my work I'm working on a ASP.Net web application for our customers. In our implementation we use technologies like Forms authentication with MembershipProviders and RoleProviders. All went well until I ran into some difficulties with configuring the roles, because the roles aren't system-wide, but related to the customer accounts and projects. I can't name our exact setup/formula, because I think our company wouldn't approve that... What's a customer / project? Our company provides management information for

I'm using ASP.NET Membership and noticed there isn't a method in the Roles class to modify a role (its name for instance), only to create and delete them. Is it possible or it's not supported? EDIT: @CheGueVerra: Yes, nice workaround. Do you know (for extra credit :) ) why it's not possible? CheGueVerra There is no direct way to change a role name in the Membership provider. I would get the list of users that are in the role you want to rename, then remove them from the list, delete the role, create the role with the new name and then Add the users found earlier to the role with the new name.

I was investigating on how to create custom role prefix until I realized that it doesn't matter. As long as my role from my db matches something like: <security:intercept-url pattern="/person/myProfile/**" access= "hasRole('BlaBla')" /> And it is not example, in db I literally set up role BlaBla to test and it works. I don't like when I get different behavior - many people had problem of setting up custom prefix to create custom role. What happens in here and should I expect hidden rocks? I have 3.0.7 release. And in my query for authorities I don't have 'default' values... Is it caused by

I want to know if its possible to set roles based on a selected category. In our app there are categories which contain articles. Now we have a role hierarchy like this: ROLE_ADMIN > ROLE_EDITOR > ROLE_USER . The problem is that a user might have different roles based on the currently selected category: user1 - cat1 - ROLE_USER user1 - cat2 - ROLE_EDITOR The categories are not static. New ones can be added and older deleted. Is it possible to achieve this using Spring Security? From your description, it sounds like the RBAC model that Spring Security gives you is not enough. You have 2 options

I have the following code I've typed into the Account Controller in my MVC project and I am in both the administrator and manager roles. When I log in I get redirected back to my home index instead of being redirected to my AdminApp index. Any ideas where I'm going wrong in my code? [AcceptVerbs(HttpVerbs.Post)] [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings", Justification = "Needs to take same parameter type as Controller.Redirect()")] public ActionResult LogOn(string userName, string password, bool rememberMe, string returnUrl) {

Is it possible with Postgresql to create a database which has 2 users which act like owners to the database? I can create a group role and add both users to that group, and then make the group the owner of the database, but this requires both users to be have to manually set their role on every connection to make any tables they have created accessible to the other user. Is there any way to make the group be the default role for a user each time they log in or any other way to achieve the same thing? No, each database can only have one owner. As stated previously you can have more than one

I am working on a grails application for the first time and I now want to protect some pages to be viewed only by admins, and give some permissions to other users. I am using Apache Shiro plugin for grails. My sample code in the bootstrap looks like this class BootStrap { def init = { servletContext -> def adminRole if(ShiroRole.findByName("Admin".isEmpty())){ adminRole = new ShiroRole(name: "Administrator") adminRole.addToPermissions("*:*") adminRole.addToPermissions("admin") adminRole.save() // 'user' now has all administrator rights } if (ShiroUser.findAllByUsername("user").isEmpty()) { def