English 中文(简体)
春天安全3 保护点不工作
原标题:spring security3 s protect pointcut is not working
  • 时间:2011-11-01 04:59:17
  •  标签:
  • spring

<http > <intercept-url pattern="/a.jsp" access="hasRole( ROLE_X )"/> </http>
in spring security3.0.7 or 3.1
it is Ok. only ROLE_X can see a.jsp page.

but:
<global-method-security > <protect-pointcut expression="execution(* test.Test.o1*(..))" access="hasRole( ROLE_X )"/> </global-method-security>
it is not working,eneryone can use the method test.Test.o1~~


when pre-post-annotations="enabled"
@PreAuthorize("hasRole( ROLE_X )")
it is also not working,eneryone can use the method test.Test.o1~~


i m so sad~~
any advise or used global-method-security demo , ths.

问题回答

你们需要把这一诺言放在“灯塔”。

http://static.springsource.org/spring-security/site/faq/faq.html#faq-method-security-in-web-context

See also: Can Spring Security use @PreAuthorize on Spring controllers methods?

时间:2012-06-26 04:34:54


上一篇:
下一篇:


相关问题
array dependency injection in spring?

is there a way to use dependency injection to inject all available implementations of a specific interface in spring? This is kind of the same thing as asked here for .NET. Though my aim is to use @...

时间:2009-11-17 09:25:43 回答:2 展示:1
Spring Properties File

Hi have this j2ee web application developed using spring framework. I have a problem with rendering mnessages in nihongo characters from the properties file. I tried converting the file to ascii using ...

时间:2009-11-13 05:05:41 回答:3 展示:1
Grails Packaging and Naming Conventions

Packaging Controllers, Services,etc. i.e. - com.company.controllers - com.company.services Is this a good practice or should be avoided by all means?? Another worth mentioning problem I encountered ...

时间:2009-11-12 11:39:29 回答:1 展示:1
How can I determine Objects in application context?

I am trying to write a portlet for Liferay (using Tomcat and Spring) and need to use a database via Persistence API/Hibernate. I am using some configuration XMLs (applicationContext.xml, etc.) and ...

时间:2009-11-11 09:06:53 回答:1 展示:1
How to prevent JPA from rolling back transaction?

Methods invoked: 1. Struts Action 2. Service class method (annotated by @Transactional) 3. Xfire webservice call Everything including struts (DelegatingActionProxy) and transactions is configured ...

时间:2009-11-09 15:28:34 回答:2 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全