Databases
StackOverflow2013
Postsdbo
POHow do I use custom roles/authorities in Spring Security?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow do I use custom roles/authorities in Spring Security?
    text
    copied!<p>While migrating a legacy application to spring security I got the following exception:</p> <pre><code>org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_filterSecurityInterceptor' while setting bean property 'filters' with key [3]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterSecurityInterceptor': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [superadmin] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:480) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264) </code></pre> <p>In the old application there are roles like "superadmin", "editor", "helpdesk" etc. But in all Spring Security examples I only see roles like "ROLE_" ("ROLE_ADMIN" etc). When I rename "superadmin" to "ROLE_ADMIN" and only use this role in the config, everything works.</p> <p>Doesn't work:</p> <pre><code> &lt;http auto-config="true"&gt; &lt;intercept-url pattern="/restricted/**" access="superadmin"/&gt; &lt;form-login authentication-failure-url="/secure/loginAdmin.do?error=true" login-page="/secure/loginAdmin.do" /&gt; &lt;/http&gt; </code></pre> <p>Works:</p> <pre><code>&lt;http auto-config="true"&gt; &lt;intercept-url pattern="/restricted/**" access="ROLE_ADMIN"/&gt; &lt;form-login authentication-failure-url="/secure/loginAdmin.do?error=true" login-page="/secure/loginAdmin.do" /&gt; &lt;/http&gt; </code></pre> <p>Is possible to use custom role names? </p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload