Databases
StackOverflow2013
Postsdbo
POReject access to specific URLs for all the ROLEs in Spring Security
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POReject access to specific URLs for all the ROLEs in Spring Security
    text
    copied!<p>This is my spring-security.xml </p> <pre><code> &lt;beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"&gt; &lt;http auto-config="true" use-expressions="true"&gt; &lt;intercept-url pattern="/dashboard.htm" access="hasAnyRole('ROLE_USER','ROLE_ADMIN','ROLE_DEMO')"/&gt; &lt;intercept-url pattern="/dash/*" access="hasAnyRole('ROLE_USER','ROLE_ADMIN','ROLE_DEMO')"/&gt; &lt;form-login login-page="/index.htm" default-target-url="/dashboard.htm" authentication-failure-url="/loginfailed.htm" /&gt; &lt;logout logout-success-url="/logout.htm" invalidate-session="true" /&gt; &lt;/http&gt; &lt;beans:bean id="customUserService" class="edu.am.bigdata.web.service.impl.CustomUserServiceImpl"&gt;&lt;/beans:bean&gt; &lt;authentication-manager&gt; &lt;authentication-provider user-service-ref="customUserService"&gt; &lt;password-encoder hash="md5"&gt; &lt;/password-encoder&gt; &lt;/authentication-provider&gt; &lt;/authentication-manager&gt; &lt;/beans:beans&gt; </code></pre> <p>how to prevent access to one particular Url??? I have some controller functions (i.e.) urls - <strong>/dash/* , /algo/*</strong> </p> <p>I need to prevent this url even if user possess any ROLE and show it as access Denied only if he directly access these urls. But my web application internally uses this URL. If I type this url manually like localhost:8080/MyApp/dash/viz.htm, this should show access denied. For any Roles these urls should not be accessed.. How can I do this ???</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload