java - Setup custom auth and role in spring security -

- August 15, 2014

i have extended websecurityconfigureradapter configure custom authentication , authorization. have introduced new api say, "/v1/api". requirement follows,

this api supposed called entity role "api_role" , no 1 else
also person "api_role" should not able call other api in system.

how configuration like?

@override protected void configure(httpsecurity http) throws exception {     http.authorizerequests().antmatchers("/v1/api**").hasauthority("role_api");

the above code achieves 1 purpose, how block person role hit other api?

you can use following java configuration.

@override protected void configure(httpsecurity http) throws exception {     http.authorizerequests().antmatchers("/v1/api**").hasauthority("role_api")         .and().authorizerequests()         .antmatchers("/**").not().hasauthority("role_api");

Search This Blog

Shell

java - Setup custom auth and role in spring security -

Comments

Post a Comment

Popular posts from this blog

javascript - Laravel datatable invalid JSON response -

java - Exception in thread "main" org.springframework.context.ApplicationContextException: Unable to start embedded container; -

sql server 2008 - My Sql Code Get An Error Of Msg 245, Level 16, State 1, Line 1 Conversion failed when converting the varchar value '8:45 AM' to data type int -