StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POCreating New Roles and Permissions Dynamically in Spring Security 3
primarykey
Id
8321696
data
AcceptedAnswerId
8322951
AnswerCount
5
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2011-11-30T05:51:11.723
FavoriteCount
22
LastActivityDate
2018-03-27T19:07:43.593
LastEditDate
2014-01-24T14:49:43.363
LastEditorUserId
2621917
OwnerUserId
995009
ParentId
0
PostTypeId
1
Score
29
ViewCount
36333
LastEditorDisplayName
text
Body
I am using Spring Security 3 in Struts 2 + Spring IOC project. I have used Custom Filter, Authentication Provider etc. in my Project. You can see my security.xml here <pre><code><?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <global-method-security pre-post-annotations="enabled"> <expression-handler ref="expressionHandler" /> </global-method-security> <beans:bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler" > <beans:property name="permissionEvaluator" ref="customPermissionEvaluator" /> </beans:bean> <beans:bean class="code.permission.MyCustomPermissionEvaluator" id="customPermissionEvaluator" />  <http auto-config="true" use-expressions="true" pattern="/user/*" > <intercept-url pattern="/index.jsp" access="permitAll"/> <intercept-url pattern="/user/showLoginPage.action" access="permitAll"/> <intercept-url pattern="/user/showFirstPage" access="hasRole('ROLE_USER') or hasRole('ROLE_VISIT')"/> <intercept-url pattern="/user/showSecondUserPage" access="hasRole('ROLE_USER')"/> <intercept-url pattern="/user/showThirdUserPage" access="hasRole('ROLE_VISIT')"/> <intercept-url pattern="/user/showFirstPage" access="hasRole('ROLE_USER') or hasRole('ROLE_VISIT')"/> <form-login login-page="/user/showLoginPage.action" /> <logout invalidate-session="true" logout-success-url="/" logout-url="/user/j_spring_security_logout"/> <access-denied-handler ref="myAccessDeniedHandler" /> <custom-filter before="FORM_LOGIN_FILTER" ref="myApplicationFilter"/> </http> <beans:bean id="myAccessDeniedHandler" class="code.security.MyAccessDeniedHandler" /> <beans:bean id="myApplicationFilter" class="code.security.MyApplicationFilter"> <beans:property name="authenticationManager" ref="authenticationManager"/> <beans:property name="authenticationFailureHandler" ref="failureHandler"/> <beans:property name="authenticationSuccessHandler" ref="successHandler"/> </beans:bean> <beans:bean id="successHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"> <beans:property name="defaultTargetUrl" value="/user/showFirstPage"> </beans:property> </beans:bean> <beans:bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <beans:property name="defaultFailureUrl" value="/user/showLoginPage.action?login_error=1"/> </beans:bean> <beans:bean id= "myUserDetailServiceImpl" class="code.security.MyUserDetailServiceImpl"> </beans:bean> <beans:bean id="myAuthenticationProvider" class="code.security.MyAuthenticationProvider"> <beans:property name="userDetailsService" ref="myUserDetailServiceImpl"/> </beans:bean>   <http auto-config="true" use-expressions="true" pattern="/admin/*" > <intercept-url pattern="/index.jsp" access="permitAll"/> <intercept-url pattern="/admin/showSecondLogin" access="permitAll"/> <intercept-url pattern="/admin/*" access="hasRole('ROLE_ADMIN')"/> <form-login login-page="/admin/showSecondLogin"/> <logout invalidate-session="true" logout-success-url="/" logout-url="/admin/j_spring_security_logout"/> <access-denied-handler ref="myAccessDeniedHandlerForAdmin" /> <custom-filter before="FORM_LOGIN_FILTER" ref="myApplicationFilterForAdmin"/> </http> <beans:bean id="myAccessDeniedHandlerForAdmin" class="code.security.admin.MyAccessDeniedHandlerForAdmin" /> <beans:bean id="myApplicationFilterForAdmin" class="code.security.admin.MyApplicationFilterForAdmin"> <beans:property name="authenticationManager" ref="authenticationManager"/> <beans:property name="authenticationFailureHandler" ref="failureHandlerForAdmin"/> <beans:property name="authenticationSuccessHandler" ref="successHandlerForAdmin"/> </beans:bean> <beans:bean id="successHandlerForAdmin" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"> </beans:bean> <beans:bean id="failureHandlerForAdmin" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <beans:property name="defaultFailureUrl" value="/admin/showSecondLogin?login_error=1"/> </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider ref="myAuthenticationProviderForAdmin" /> <authentication-provider ref="myAuthenticationProvider" /> </authentication-manager> <beans:bean id="myAuthenticationProviderForAdmin" class="code.security.admin.MyAuthenticationProviderForAdmin"> <beans:property name="userDetailsService" ref="userDetailsServiceForAdmin"/> </beans:bean> <beans:bean id= "userDetailsServiceForAdmin" class="code.security.admin.MyUserDetailsServiceForAdminImpl"> </beans:bean>  <beans:bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> <beans:property name="basenames"> <beans:list> <beans:value>code/security/SecurityMessages</beans:value> </beans:list> </beans:property> </beans:bean> </code></pre> Uptill now you can see, url-pattern I have mentioned is hard coded. I wanted to know if there is a way to create new ROLES and PERMISSIONS dynamically, not hard coded. Like creating new roles and permissions and saving them to database and then accessing from database. I have searched on net, but I am not able to find out how to add new entries to code.
Tags
<spring><spring-security>
Title
Creating New Roles and Permissions Dynamically in Spring Security 3
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USMichael Piefel
UserOwnerUserId
1. USDark Drake
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POCreating New Roles and Permissions Dynamically in Spring Security 3
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POCreating New Roles and Permissions Dynamically in Spring Security 3
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POCreating New Roles and Permissions Dynamically in Spring Security 3
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.