spring-security

Why use “#post” instead of “post” in hasPermission check in Spring Security

人盡茶涼 提交于 2020-01-17 11:28:27
问题 I am new to spring security. While analyzing the below code change, I could not comprehend why "#post" is used instead of "post" ? Why is the word "post" prefixed with a "#"? post is an object. @PreAuthorize("hasPermission(#post, 'MANAGER') or hasRole('ROLE_MODERATOR')") + @PreAuthorize(

Spring Security 3.x: How can I enable both BASIC and DIGEST authentication?

六月ゝ 毕业季﹏ 提交于 2020-01-17 03:02:47
问题 I want to configure Spring Security to enable both BASIC and DIGEST authentication for the same set of URL's, but it's unclear whether or not this is possible. I see that I need to enable multiple AuthenticationEntryPoint instances to set the appropriate HTTP headers, but I don't see any built in

Spring Security 3.x: How can I enable both BASIC and DIGEST authentication?

醉酒当歌 提交于 2020-01-17 03:02:32
问题 I want to configure Spring Security to enable both BASIC and DIGEST authentication for the same set of URL's, but it's unclear whether or not this is possible. I see that I need to enable multiple AuthenticationEntryPoint instances to set the appropriate HTTP headers, but I don't see any built in

403 response for POST/PUT/DELETE request in spring boot + spring security application

冷暖自知 提交于 2020-01-17 02:39:13
问题 I am using spring security in my spring boot rest app. Get requests are working fine but POST/PUT/DELETE request are giving "403 Forbidden". Below is my code snippet. UI is in Angular 6 @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) public class

Spring Injection not working if i use “implements” in class

爱⌒轻易说出口 提交于 2020-01-16 18:32:19
问题 This was my previous SO question Spring Injection not working in different service class @Service("securityService") @Transactional public class SecurityService implements UserDetailsService { protected static Logger logger = Logger.getLogger("service"); @Autowired public RegistrationDAO

How to insert new user or modify existing user in LDAP server using Spring boot ldap

柔情痞子 提交于 2020-01-16 08:47:08
问题 I am using ldap authentication for my Spring boot project and LDAP is succesfully configured as I am able to authenticate existing users but while I am creating a new user it shows error: org.springframework.ldap.odm.core.impl.InvalidEntryException: Can't get Id field from Entry org

Spring security core and spring security crypto maven artifacts (duplicate classes)

痞子三分冷 提交于 2020-01-16 08:07:47
问题 I'm building a self-contained jar with the maven shade plugin (an uberjar) and I get warnings for all the spring-security-crypto classes: [WARNING] We have a duplicate org/springframework/security/crypto/bcrypt/BCrypt.class in ***\.m2\repository\org\springframework\security\spring-security-crypto