<p>So these are at least two questions:</p>
<ul>
<li>How to make the granted authorities/privileges/Roles dynamic?</li>
<li>How to make the access restriction for the URLs dynamic?</li>
</ul>
<h2>1) How to make the granted authorities/privileges/Roles dynamic?</h2>
<p><em>I will not answer this in great detail, because I believe this theme was discussed often enough.</em></p>
<p>The easiest way would be to store the complete user information (login, password and roles) in a database (3 tables: User, Roles, User2Roles) and use the <code>JdbcDetailService</code>. You can configure the two SQL statements (for authentication and for granting the roles) very nicely in your xml configuration.</p>
<p>But then the user needs to log out and log in to get these new Roles. If this is not acceptable, you must also manipulate the Roles of the currently logged-in user. They are stored in the user's session. I guess the easiest way to do that is to add a filter in the Spring Security filter chain that updates the Roles for every request, if they need to be changed.</p>
<h2>2) How to make the access restriction for the URLs dynamic?</h2>
<p>Here you have at least two ways:</p>
<ul>
<li>Hacking into the <code>FilterSecurityInterceptor</code> and updating the <code>securityMetadataSource</code>; the needed Roles should be stored there. At least you must manipulate the output of the method <code>DefaultFilterInvocationSecurityMetadataSource#lookupAttributes(String url, String method)</code>.</li>
<li>The other way would be using other expressions for the <code>access</code> attribute instead of <code>access="hasRole('ROLE_USER')"</code>. Example: <code>access="isAllowdForUserPages1To3"</code>. Of course you must create that method. This is called a "custom SpEL expression handler" (if you have the <a href="http://web.archive.org/web/20161012152658/http://www.springsecuritybook.com/" rel="nofollow noreferrer">Spring Security 3 Book</a> it's around page 210. Wish they had chapter numbers!). So what you need to do now is to subclass <code>WebSecurityExpressionRoot</code> and introduce a new method <code>isAllowdForUserPages1To3</code>. Then you need to subclass <code>DefaultWebSecurityExpressionHandler</code> and modify the <code>createEvaluationContext</code> method so that it first requests the <code>StandardEvaluationContext</code> by calling super (you need to cast the result to <code>StandardEvaluationContext</code>). Then, replace the <code>rootObject</code> in the <code>StandardEvaluationContext</code> with your new <code>CustomWebSecurityExpressionRoot</code> implementation. That's the hard part! Then, you need to replace the <code>expressionHandler</code> attribute of the <code>expressionVoter</code> (<code>WebExpressionVoter</code>) in the xml configuration with your new subclassed <code>DefaultWebSecurityExpressionHandler</code>. (This sucks because you first need to write a lot of security configuration explicitly, as you can't access them directly from the security namespace.)</li>
</ul>
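<p>The custom expression root and handler described in the second option, as an added example that is not part of the answer above. It assumes the Spring Security 3.0 API (where <code>createEvaluationContext</code> can be overridden; in 3.1+ override <code>createSecurityExpressionRoot</code> instead) and a hypothetical <code>PagePermissionRepository</code> that reads the current grants from a database, so a revoked grant takes effect on the next request without re-login.</p>

```java
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;

/** Hypothetical lookup of per-user page grants, e.g. backed by a DAO (not a Spring Security API). */
interface PagePermissionRepository {
    boolean isGranted(String username, String pageGroup);
}

/** Root object that exposes the new SpEL method used in access="isAllowdForUserPages1To3". */
class CustomWebSecurityExpressionRoot extends WebSecurityExpressionRoot {
    private final Authentication auth;
    private final PagePermissionRepository permissions;

    CustomWebSecurityExpressionRoot(Authentication auth, FilterInvocation fi, PagePermissionRepository permissions) {
        super(auth, fi);
        this.auth = auth;
        this.permissions = permissions;
    }

    /** Evaluated on every request, so the decision always reflects the current database state. */
    public boolean isAllowdForUserPages1To3() {
        // Deny by default: unauthenticated requests and missing grants both fail closed.
        if (auth == null || !auth.isAuthenticated()) {
            return false;
        }
        return permissions.isGranted(auth.getName(), "pages1To3");
    }
}

/** Handler that swaps the default root object for the custom one (the "hard part" from the answer). */
class CustomWebSecurityExpressionHandler extends DefaultWebSecurityExpressionHandler {
    private final PagePermissionRepository permissions;

    CustomWebSecurityExpressionHandler(PagePermissionRepository permissions) {
        this.permissions = permissions;
    }

    @Override
    public EvaluationContext createEvaluationContext(Authentication authentication, FilterInvocation fi) {
        // super builds a StandardEvaluationContext (bean resolver etc.); only the root object is replaced.
        StandardEvaluationContext ctx = (StandardEvaluationContext) super.createEvaluationContext(authentication, fi);
        CustomWebSecurityExpressionRoot root = new CustomWebSecurityExpressionRoot(authentication, fi, permissions);
        root.setTrustResolver(new AuthenticationTrustResolverImpl()); // keeps isAnonymous()/isRememberMe() working
        ctx.setRootObject(root);
        return ctx;
    }
}
```

<p>The handler is then wired as the <code>expressionHandler</code> property of the <code>WebExpressionVoter</code> bean in the explicit (non-namespace) xml configuration, exactly as the answer describes.</p>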