spring-security

问题 I have the following classes public abstract class BaseCotroller { @RequestMapping("/m") public String m() { ... } @RequestMapping("/n") public String n() { ... } } @PreAuthorize("hasRole('ROLE_ADMIN')") @RequestMapping("/a") public class ACotroller extends BaseController { @PreAuthorize("hasRole('ROLE_ADMIN')") @Override public String m() { return super.m(); } } @PreAuthorize gets applied for m, but not for n, though it should as @PreAuthorize is specified at the class level. Or do I missed

问题 I am new to Spring MVC . I am working on an application where before going to the login controller it does some process in security controller. I dont know to which all methods in my code is accessed while logging in. So i am trying to know if there is a way to log all the methods in the flow of application while logging in? Please help me. Thanks. 回答1: The cleanest and most proper way to do this is to have proper logging implemented in your application. That way, you would now exactly the

问题 I am building an application using Spring boot with Spring security and front end reactJS. My code works well with authentication. But now i am planning to redirect the user to his previous requested page in case he has to login again. I can extract targetUrl i.e. previous page from the successhandler but when i do a console.log(data) at the UI. I get the raw html data instead of URL name. I dont know why and how to open such a raw html code or can i send just html URL name from

问题 Hi I am using spring boot for my project so I am not using xml for any of my configurations, only java. I am using this project on github as a reference https://github.com/techdev-solutions/jaxenter-showcase . When I make a request(http://localhost:8081/oauth/authorize?client_id=web&response_type=token with username and password in header) for the token it returns the redirect html site not the token.. How do I configure oauth2 to return the token in the response. If I send a request using

问题 I have written a custom AccessDeniedHandler (look at this answer) and it works fine . But I wonder, why the AccessDeniedException is still logged in the background: org.springframework.security.access.AccessDeniedException: Zugriff verweigert at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84) at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233) How to suppress this logging

问题 Hi I'm trying to implement a spring boot web application using JSP as view engine. I'm following this tutorial as a basic: http://www.mkyong.com/spring-security/spring-security-hello-world-annotation-example/ I know that the tutorial didn't use spring boot. Anyway, I managed to implement a basic login thing. But the problem is that when I try to logout, it does not work and show me "White label error page" with the message saying "This application has no explicit mapping for /error, so you

问题 I have a login form ,a jsf backing login bean ,and a user details service. Although the user is authenticated he is not redirected to the landing page. The bean authenticates the user thru the UserDetailsService w/o any problem. package com.emredincer.yetki.bean; import javax.faces.bean.ManagedBean; import javax.faces.bean.ManagedProperty; import javax.faces.bean.RequestScoped; import javax.security.sasl.AuthenticationException; import org.springframework.security.authentication

问题 i have added the access-denied-handler tag to redirect to an specific page when my app handles a AccessDeniedException but i have the error: Configuration problem: Failed to import bean definitions from relative location [pgm-security-cas.xml] Offending resource: class path resource [spring/pgm-servlet.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 92 in XML document from class path resource [spring/pgm-security-cas.xml] is invalid;

问题 I know there are a lot threads on the forum about this issue but still haven't figure out a solution. So, I have deployed two applications in a private JVM/tomcat 8.5.30 on my vps. The one is my ROOT.war and the other one is the admin.war They were accesible from http://example.com and http://example.com/admin Before I installed a ssl certificate everything worked fine. After installing it and forcing https redirect I am facing a problem with my admin.war (now they are both accesible from

问题 I know there are a lot threads on the forum about this issue but still haven't figure out a solution. So, I have deployed two applications in a private JVM/tomcat 8.5.30 on my vps. The one is my ROOT.war and the other one is the admin.war They were accesible from http://example.com and http://example.com/admin Before I installed a ssl certificate everything worked fine. After installing it and forcing https redirect I am facing a problem with my admin.war (now they are both accesible from