jpa - spring-data-rest and spring security circular reference when using security annotations in user repository -

-


jpa - spring-data-rest and spring security circular reference when using security annotations in user repository -

i got problem custom userdetailservice , circular reference. add together @preauthorize annotation customerrepository circular reference error. it's clear has happen cause userdetailservice uses well. question how can solve circular reference? using spring-data-rest , spring-security.

code below should illustrate needed reproduce error

package demo; import org.springframework.beans.factory.annotation.autowired; import org.springframework.boot.commandlinerunner; import org.springframework.boot.springapplication; import org.springframework.boot.autoconfigure.enableautoconfiguration; import org.springframework.context.annotation.componentscan; import org.springframework.context.annotation.configuration; @configuration @componentscan @enableautoconfiguration public class springtestapplication implements commandlinerunner{ @autowired private customerrepository customerrepository; public static void main(string[] args) { springapplication.run(springtestapplication.class, args); } @override public void run(string... args) throws exception { client admin = customerrepository.save(new customer("demo", "1234")); } }

-

package demo; import org.springframework.beans.factory.annotation.autowired; import org.springframework.context.annotation.configuration; import org.springframework.security.config.annotation.authentication.builders.authenticationmanagerbuilder; import org.springframework.security.config.annotation.method.configuration.enableglobalmethodsecurity; import org.springframework.security.config.annotation.web.builders.httpsecurity; import org.springframework.security.config.annotation.web.configuration.enablewebsecurity; import org.springframework.security.config.annotation.web.configuration.websecurityconfigureradapter; @configuration @enableglobalmethodsecurity(prepostenabled = true) @enablewebsecurity public class securityconfiguration extends websecurityconfigureradapter{ @autowired private demouserdetailservice demouserdetailservice; @override protected void configure(authenticationmanagerbuilder auth) throws exception { auth.userdetailsservice(demouserdetailservice); } @override protected void configure(httpsecurity http) throws exception { http.authorizerequests().anyrequest().fullyauthenticated(); http.httpbasic(); http.csrf().disable(); } }

-

package demo; import java.util.arrays; import org.springframework.beans.factory.annotation.autowired; import org.springframework.security.core.authority.simplegrantedauthority; import org.springframework.security.core.userdetails.user; import org.springframework.security.core.userdetails.userdetails; import org.springframework.security.core.userdetails.userdetailsservice; import org.springframework.security.core.userdetails.usernamenotfoundexception; import org.springframework.stereotype.service; @service public class demouserdetailservice implements userdetailsservice { private final customerrepository customerrepository; @autowired public demouserdetailservice(customerrepository customerrepository){ this.customerrepository = customerrepository; } @override public userdetails loaduserbyusername(string username) throws usernamenotfoundexception { client customer = customerrepository.findbyusername(username).get(); boolean enabled = true; boolean accountnonexpired = true; boolean credentialsnonexpired = true; boolean accountnonlocked = true; homecoming new user( customer.getusername(), customer.getpassword(), enabled, accountnonexpired, credentialsnonexpired, accountnonlocked, arrays.aslist(new simplegrantedauthority("role_admin")) ); } }

-

package demo; import java.util.optional; import org.springframework.data.repository.pagingandsortingrepository; import org.springframework.security.access.prepost.preauthorize; public interface customerrepository extends pagingandsortingrepository<customer, long>{ @preauthorize("hasrole('role_admin')") optional<customer> findbyusername(string username); }

-

package demo; import javax.persistence.entity; import javax.persistence.generatedvalue; import javax.persistence.id; @entity public class client { @id @generatedvalue private long id; private string username; private string password; public customer(){} public customer(string username, string password){ this.username = username; this.password = password; } public long getid() { homecoming id; } public void setid(long id) { this.id = id; } public string getusername() { homecoming username; } public void setusername(string username) { this.username = username; } public string getpassword() { homecoming password; } public void setpassword(string password) { this.password = password; } }

use mechanism userdetailsservice, accessing database through jdbc etc. or create sec repository used userdetailsservice , doesn't contain security annotations.

spring jpa spring-security spring-data-rest

Comments

Post a Comment

Popular posts from this blog

java - How to set log4j.defaultInitOverride property to false in jboss server 6 -

-
java - How to set log4j.defaultInitOverride property to false in jboss server 6 - how set log4j property false in jboss. not using log4j in application still property has set true. the reason, why trying set property false is, suspecting property overrides java.util.logging.logger configuration provided application. might because of this, log file not getting generated. boot.log infomation below: 02:46:10,495 debug [serverinfo] log4j.defaultinitoverride: true 02:46:10,496 debug [serverinfo] org.jboss.deployers.spi.deployer.matchers.nameignoremechanism: org.jboss.deployers.spi.deployer.helpers.dummynameignoremechanism 02:46:10,496 debug [serverinfo] org.jboss.logging.logger.pluginclass: org.jboss.logging.logmanager.loggerpluginimpl i have found in boot.log in jboss. in 1 of blog, developers told me that, log4j.defaultinitoverride property should set false avoid override of java.util.logging.logger. comment same if wrong. java logging jboss log4j
Read more

c - GStreamer 1.0 1.4.5 RTSP Example Server sends 503 Service unavailable -

-
c - GStreamer 1.0 1.4.5 RTSP Example Server sends 503 Service unavailable - i'm trying create rtsp server based on gstreamer 1.0 1.4.5 plugin. source code of illustration taken here. with_tls , with_auth flags not enabled. i'm compiling using visual studio 2013 community edition. project building , running successfully. when i'm trying play video using vlc on address rtsp://127.0.0.1:8554/test says can't open mrl. recorded traffic (using rawcap) of communication between compiled server , vlc player following: request: options rtsp://127.0.0.1:8554/test rtsp/1.0 cseq: 2 user-agent: libvlc/2.2.0 (live555 streaming media v2014.07.25) response: rtsp/1.0 200 ok cseq: 2 public: options, describe, get_parameter, pause, play, setup, set_parameter, teardown server: gstreamer rtsp server date: thu, 09 apr 2015 03:35:30 gmt request: describe rtsp://127.0.0.1:8554/test rtsp/1.0 cseq: 3 user-agent: libvlc/2.2.0 (live555 streaming media v2014.07.25) accept: applicat...
Read more

Using ajax with sonata admin list view pagination -

-
Using ajax with sonata admin list view pagination - i'm using sonata admin in project. in list view sonata refresh page when clik sec list pagination. that's default behavior of sonata.is there way utilize ajax phone call list view pagination !!! same question when using sortable list view. thanks. this possible, have overwrite of basic functionality of sonata admin bundle. tested symfony 2.6.6 sonata admin-bundle dev-master (4f23e1a30e49681bf8ebdbbae549848784be7699) 1. edit bundles services.yml you have implement own crudcontroller , new list template. tell in services.yml sonata.admin.youradmin: class: your\bundle\admin\youradmin tags: - { name: sonata.admin, manager_type: orm, group: "groupname", label: "grouplabel" } arguments: - ~ - your\bundle\entity\entityclass - yourbundle:yournewcrud # <- add together crud class here calls: ...
Read more