spring-security

How to handle expired session using spring-security and jQuery?

I'm using spring-security and jQuery in my application. The main page loads content dynamically into tabs via Ajax. And all is OK; however, sometimes I've got the login page inside my tab, and if I type credentials I will be redirected to the content page without tabs. So I'd like to handle this situation. I know some of the people use...

Spring security and @PostFilter

Hi, I have this object @Service public class myBr { @PostFilter("filterObject.cellule.getId()==2") public List<Bibliotheque> getB() { return super.getAll(); } public List<Bibliotheque> getA() { return getB(); } When I call from a test: myBr.getB() the @PostFilter is applied but when I call myBr.g...

getting Principal during Grails Spring Security authentication

I'm wrapping up an implementation of Spring Security in Grails. This is my first implementation on Spring Security; previously I used Acegi. Here's the problem I'm having. In Acegi, I was able to retrieve the authenticated user in the onInteractiveAuthenticationSuccessEvent() callback by accessing the SecurityContextHolder, getting th...

Spring form get password entered

Hi, in my login.jsp I have j_username, j_password; this will call my UserDetailsServiceImpl.loadUserByUsername(string username). How to authenticate the password? ...

Spring LDAP 1.3.0 clarify

I have this error, what does it mean? org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001A8, problem 2001 (NO_OBJECT), data 0, best match of: '' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001A8, problem 2001 (NO_OBJECT...

How to get SavedRequest in Spring Security 3 in login.jsp?

How to get SavedRequest in Spring Security 3 in login.jsp? I found an example: <%@page import="org.springframework.security.web.savedrequest.SavedRequest"%> <% SavedRequest savedRequest = (SavedRequest) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY); .... %> But this doesn't work in SpringSecurit...

Trying to use Grails Spring Security Plugin + Facebook Connect to automatically create a user with default permissions on Authentication

I am working on an app that uses the Spring (Acegi) plugin for Grails. The plugin has Facebook Connect settings built in. I have followed the instructions to handle a Facebook login within the app... however my knowledge of exactly what's going on is weak and what I really would like to do is give the user/visitor the option of either l...

database security

Hi, I created a db to manage the users of my webpage. What is the way to make this db protected from malicious users? I want to find out what are the main protection methods, as well as less used methods. ...

Acegi login user attributes

I've set up Acegi, having a manager user to ask for authentication. After a user is authenticated, it seems Acegi asks for user attributes where login user needs to have read permissions over the LDAP hierarchy. How can I avoid Acegi asking for attributes, so no read permissions would be necessary for every login user? Why read permission...

websphere: Unsupported configuration attributes: [permitAll] using spring.

Hi, I get the following error... Unsupported configuration attributes: [permitAll] When adding .... <sec:intercept-url pattern="/nonsecure/**" access="permitAll" /> I'm on Websphere with Spring 2.5. Can anyone help? Jeff Porter ...

How do I implement a custom FilterSecurityInterceptor using grails 1.3.2 and the plugin spring-security-core 1?

I'm writing a grails 1.3.2 application and implementing security with spring-security-core 1.0. For reasons outside the scope of this question, I'm implementing a custom FilterSecurityInterceptor in addition to the out of the box interceptors. I've started with a blog entry on the topic and attempted to adjust it for Spring Security 3 ...

Spring: Security how to exclude certain resources..

Hi, I have the following definition... <bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/> <property name="objectDefinitionSource">...

Remember me in Spring security to remember only user-name

Hello, I am using Spring security in my application and wish to know if there is a way to "ask" spring to only remember the user-name of the user that comes to the application (by means of the remember-me checkbox). What I could gather from the reference documentation is that Spring is able to save the userName and the password of the us...

What to do when Apache Tiles 2.1 does nothing when it has to?

Hello, readers (girl) and readers (boy), I have a slightly f%*#@ problem with Apache Tiles 2.1. I work with: Struts 2.1.8.1 Apache Tiles 2.1 Spring 3.0.3 Spring Security 3.0.3 My problem is: Apache Tiles does not work on each JSP, it seems to have a problem with <tiles:insertAttribute name="body" /> This inserts no data. When I s...

Grails Spring Security (Acegi) plugin intercept login to inject custom Facebook Connect logic

Ok, second try here.. hoping I phrase my question better to get a few responses. I am currently working on a small project developed in Grails with the Spring Security plugin to handle account management and security. I want to intercept the login function and add some custom code. The goal is to have 2 options available to the end ...

Do I need to create a custom authentication provider for Facebook Connect + Spring Security in Grails?

Do I need to write a custom authentication provider to use Facebook Connect with account registration + authorization for the Spring Security plugin in Grails? I am trying to offer the traditional application registration with Facebook Connect in a Grails dev app using Spring Security. Does this make sense? Any ideas? ...

AspectJ Advice on Spring Security ProviderManager throws exception on startup

Does anyone know why when I try to create an advice around the "doAuthentication" method of the Spring Security (v3.0) ProviderManager my application throws an exception on startup? I am autowiring an instance of my spring authentication-manager bean into a controller and when the autowire is attempted my app fails to deploy. Here is ...

Why is user.getRole() set as the GrantedAuthority in this Spring 3.0 authentication example?

I'm trying to understand Spring 3.0 authentication. In the code below, why is user.getRole() set as the GrantedAuthority? public final UserDetails loadUserByUsername(final String username) { final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); UserAccount user = (UserAccount) memcacheService.get(userna...

What is the difference between ROLE_USER and ROLE_ANONYMOUS in a Spring intercept url configuration?

What is the difference between ROLE_USER and ROLE_ANONYMOUS in a Spring intercept url configuration such as the example below? <http auto-config="false" access-decision-manager-ref="accessDecisionManager" use-expressions="true"> <intercept-url pattern="/admin/**" access="hasRole('ROLE_ANONYMOUS')" requires-channel="http"...

Why is this BeanPostProcessor needed in addition to a UserDetailsService in this Spring 3.0 authentication example?

I'm trying to understand a Spring 3.0 application which contains the following BeanPostProcessor implementation. What is this code needed for? I thought the UserDetailsService was sufficient for getting and setting the User account information. @Service public class UserPassAuthFilterBeanPostProcessor implements BeanPostProcessor { ...