I'm trying to build a control logic that depends on the current gsp page to call an action, is there a tag or a session method that i can use to identify the current gsp page I want to restrict access to all GSPs except singup and login, so if a user open any other gsp he will be redirected to signup page and he will also be able to n...
is springdoclet use to generate bean defination xml files? servlet-config.xml..etc ? i trying to find out what is the different springdoclet compared to spring roo ...
Hi, I'm using spring-security framework.When I update the permissions,It does not take effect immediately.I have to quit the current user(means logout), and then re-visit(means login) will be to update the user's permission. Is a way that immediately enable the authority after update user authority in spring security? ...
can anyone clearly explain on the different on this two class defined in web.xml? ...
I am writing a web app in Grails with the Acegi/Spring Security plug-in, and am having trouble getting it to see changes I make to User instances. I have only been working with Groovy/Grails for about three weeks, so please forgive me if this problem is trivial, since I have been poring over mailing lists and tutorials trying to find the...
i have a bean in xml like below <bean id="theCustomAuthenticationProvider" class="test.custom.CustomAuthenticationProvider"> <security:custom-authentication-provider /> a.may i know what does security:custom-authentication-provider means when i put it in my bean like above? b. do i need to create <bean id="authenticationManag...
my service look like below @Controller @GwtRpcEndPoint public class ServerServiceImpl implements ServerService { @org.springframework.security.annotation.Secured("ROLE_ADMIN")public String runGwtSprMvcHibJpaDemo(String s) { System.out.println("SecurityContextHolder.getContext()="+SecurityContextHolder.getContext()); Sys...
I'm trying to make a simple forum just to get the hang of the Spring Security and MVC frameworks. For simplicity's sake, let's I have a JSP to view a forum post, which looks like the following: <body> ... Title: ${forumPost.title} <br> Author: ${forumPost.author.name} <br> Message: {forumPost.message} <br> <securi...
may i know is there any tutorials/guideliness on spring security integrate with facebook connect ...
i annotated a bean class with @Secured and when i call the bean, there is no security exception throw even when no user login yet. i trying to debug it. my question is when we annotate a method/class with @Secured, when spring app start, is there any statement printed on log....? i already put below log bean in appcontext.xml <bean cl...
i wonder any folks doing gwt+grail integration . one advantage of grail is it has many plugins. while gwt is good and easy to create ajax ui. can anyone share some good and bad enperience doing gwt+grail integration. My question is triggered when i was looking for facebook connect . seems to me grail already has such plugin available whi...
In applicationContext.xml, it is valid to defined mmultiple security:custom-authentication-provider ? for example <bean id="dummyAuthenticationProvider" class="com.user.sample.gwtspring.server.security.JDBCDummyAuthenticationProvider"> <security:custom-authentication-provider /> </bean> <bean id="dummyAut...
both spring authentication provider and authentication processing filter also need to register with authenticationManager? authentication provider i can use custom-authentication-provider tag but what is different spring authentication provider and authentication processing filter ? ...
While migrating a legacy application to spring security I got the following exception: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_fil...
I am using Wicket with the Wicket Auth Project for my presentation layer and I have therefore integrated it with Spring Security. This is the method which is called by Wicket for authentication for me: @Override public boolean authenticate(String username, String password) { try { Authentication request = new UsernamePasswordAu...
I'm using the latest release of Spring Blzeds integration which has some features making it easier to secure invocations on destination objects. However the basic setup I use which uses the ChannelSet login approach form the flex side looses the authentication information (sessions) on each page refresh. Here's the configuration I'm usin...
While developing an application it's quite useful to be able to quickly login as different users, with different roles, to see how the application presents itself. Typing usernames and entering password is no fun, and a waste of time. What I'd like to do is: add a page/panel with a list of available usernames; clicking on a username w...
I have one security context definition that uses PreAuthenticatedProcessingFilterEntryPoint for the flex part of my application. How can I have another definition that will use standard form login with html forms for another part of my application? Here's what I currently have: <?xml version="1.0" encoding="UTF-8"?> <beans:beans xml...
Hi, I need to extract more information than just the CN of the certificate. Currently, I only get the standard UserDetails loadUserByUsername(String arg) where arg is the CN of the certificate. I need to get the X509Certificate object. Is it possible? on spring security xml file : <x509 subject-principal-regex="CN=(.*?)," user-servic...
I want to run authentication/authorization only for the calls that come from HTTP requests. The method on the controller I want to have authentication/authorization enabled is called from more than one source. In this case, it can be either called by another controller or by a direct HTTP request. Can I turn off authentication/authoriz...