spring security - SpringBoot SpringSecurity ACL @PostFilter -

-

i using ...

springbootversion = '1.2.4.release' springversion = '4.1.6.release' springsecurityversion = '4.0.0.m2'   @configuration @enableglobalmethodsecurity(prepostenabled = true) @enablewebmvcsecurity @profile(elmprofile.has_authentication) public class securityxxx extends websecurityconfigureradapter {  }

application.java has appropriate 

@componentscan  logging.level.org.springframework.security=trace

problem: there strange behaviour ... 

there may post filter  annotations defined on service interface , in logs shows detected  annotation on service impl class  instead !?.   althought there many such methods on service interface 1 method detected

yes service has @service annotation shown below :

@validated public interface siteservice {     @postfilter("haspermission(filterobject, 'read')")     @notnull     list<site> getsiteswithbins();      @postfilter("haspermission(filterobject, 'read')")     @notnull     list<site> getallsitesrestricted();      @postfilter("haspermission(filterobject, 'read')")     @notnull     list<site> getallsites();      @postfilter("haspermission(filterobject, 'read')")     @notnull     list<site> findsitesbymain(final boolean ismain);      @notnull     list<site> getsitesbytransfertype(@min(1) final long siteid, @notnull final transfertype.code transfertype);      @postfilter("haspermission(filterobject, 'read')")     site getsite(@min(1) final long siteid);    @service @transactional @requiredargsconstructor(onconstructor = @__(@autowired)) public class siteserviceimpl implements siteservice {           //implementas service interface methods }  stack trace below shows 1 method found , methods not found i.e.  @postfilter on getsite() method found .. 2015-06-26 19:23:17.986 trace 13561 --- [           main] .prepostannotationsecuritymetadatasource : looking pre/post annotations method 'getsite' on target class 'class au.com.xxx.xxxx.inventory.main.service.siteserviceimpl' 2015-06-26 19:23:17.987 debug 13561 --- [           main] .prepostannotationsecuritymetadatasource : @org.springframework.security.access.prepost.postfilter(value=haspermission(filterobject, 'read')) found on specific method: public au.com.xxxx.xxxx.inventory.main.domain.site au.com.xxxx.xxxx.inventory.main.service.siteserviceimpl.getsite(java.lang.long) 2015-06-26 19:23:17.990 debug 13561 --- [           main] m.delegatingmethodsecuritymetadatasource : caching method [cachekey[au.com.xxxx.xxxx.inventory.main.service.siteserviceimpl; public abstract au.com.xxxx.xxxx.inventory.main.domain.site au.com.xxxx.xxxx.inventory.main.service.siteservice.getsite(java.lang.long)]] attributes [[authorize: 'permitall', filter: 'null', filtertarget: 'null'], [authorize: 'null', filter: 'haspermission(filterobject, 'read')']]

so strange other annotations ignored on service interface , 1 particular method recognized have annotation. alss strange thing per log statements above, finds @postfilter on service implementation class, defined in interface !!!!!! , have made sure there no other interface/classes of same name on classpath.

your stack trace not clear. helpful if post entire log getting. here quick fix, check whether have added @service annotation on serviceimpl calss , make sure service package should configured in . remember in spring every thing component represent @component annotation , @service , @repository sub annotations of @component.


Comments

Post a Comment

Popular posts from this blog

python - No exponential form of the z-axis in matplotlib-3D-plots -

-
Image
i have similar problem described in how prevent numbers being changed exponential form in python matplotlib figure : i don't want (in special case) weird scientific formatting of axis. problem different have problem @ z -axis. 2-d plots can use ax.get_yaxis().get_major_formatter().set_useoffset(false) . , there no function ax.get_zaxis() what use format z -axis same way? edit: example: from mpl_toolkits.mplot3d import axes3d import numpy np import sys import matplotlib import matplotlib.pyplot pyplot def func(xi, ti): res = 10e3 + np.cos(ti) * np.sin(xi) return res if __name__ == '__main__': timespacing = 20 timestart = 0 timeend = 1 time = np.linspace(timestart, timeend, timespacing) widthspacing = 50 widthstart = 0 widthend = 3 width = np.linspace(widthstart, widthend, widthspacing) reslist = [] matplotlib.rcparams['legend.fontsize'] = 10 fig = pyplot.figure() ax = fig.gca(projection = '3d...
Read more

php - Best Light server (Linux + Web server + Database) for Raspberry Pi -

-
i install web server database on raspberry pi (little computer). computer has 1gb ram. i want know best combination: linux distribution , web server , dbms run local server multiple users minimal latency, use php on server. , best settings performance , not have bugs (memory usage, disable plugin, disable service, etc)? i thought light debian , lighttpd server , sqlite database. solution? i think lighttpd + sqlite great choice. linux distro, debian @ centos or tiny core linux , although i'm not sure of compatibility pi. obviously, can't go wrong raspbian if want use in production , more stable performance, few more pi's , set them in cluster .
Read more

c# - "Newtonsoft.Json.JsonSerializationException unable to find constructor to use for types" error when deserializing class -

-
i developing app in xamarin android. have splash screen serialize class , pass mainactivity using intent . when try deserialize in mainactivity error message : "serializationexception unable find constructor use types" serialization : void loaddata() { currency currency = new currency(this); intent = new intent(this, typeof(mainactivity)); intent.putextra("currency", newtonsoft.json.jsonconvert.serializeobject(currency)); startactivity(intent); } deserialization : cur = newtonsoft.json.jsonconvert.deserializeobject<currency> (intent.getstringextra("currency")); // error here class constructor : public currency(context context) { thiscontext = context; } i began experiencing problem after added parameter context context constructor. has caused this? how can solve it? possible serialize/deserialize class has parameters? you need have empty constructor in currency class in order deserialize it. ...
Read more