@Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { // remove this if you are not using JSR-250 if(bean instanceof Jsr250MethodSecurityMetadataSource) { ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null); } if(bean instanceof DefaultMethodSecurityExpressionHandler) { ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if(bean instanceof DefaultWebSecurityExpressionHandler) { ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if(bean instanceof SecurityContextHolderAwareRequestFilter) { ((SecurityContextHolderAwareRequestFilter)bean).setRolePrefix(""); } if(bean instanceof RoleVoter){ ((RoleVoter) bean).setRolePrefix(""); } return bean; }
@Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { // remove this if you are not using JSR-250 if (bean instanceof Jsr250MethodSecurityMetadataSource) { ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(this.rolePrefix); } if (bean instanceof DefaultMethodSecurityExpressionHandler) { ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix); } if (bean instanceof DefaultWebSecurityExpressionHandler) { ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix); } if (bean instanceof SecurityContextHolderAwareRequestFilter) { ((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix(this.rolePrefix); } return bean; }
@Override public Object postProcessAfterInitialization( Object bean, String beanName ) throws BeansException { if ( bean instanceof Jsr250MethodSecurityMetadataSource ) { ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix( null ); } if ( bean instanceof DefaultMethodSecurityExpressionHandler ) { ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix( null ); } if ( bean instanceof DefaultWebSecurityExpressionHandler ) { ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix( null ); } if ( bean instanceof SecurityContextHolderAwareRequestFilter ) { ((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix( "" ); } return bean; }
@Override public Object postProcessAfterInitialization(final Object bean, final String beanName) { if (bean instanceof DefaultMethodSecurityExpressionHandler) { ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if (bean instanceof DefaultWebSecurityExpressionHandler) { ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if (bean instanceof SecurityContextHolderAwareRequestFilter) { SecurityContextHolderAwareRequestFilter filter = (SecurityContextHolderAwareRequestFilter) bean; filter.setRolePrefix(StringUtils.EMPTY); try { filter.afterPropertiesSet(); } catch (ServletException e) { throw new FatalBeanException(e.getMessage(), e); } } return bean; }
@Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { // remove this if you are not using JSR-250 if (bean instanceof Jsr250MethodSecurityMetadataSource) { ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null); } if (bean instanceof DefaultMethodSecurityExpressionHandler) { ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if (bean instanceof DefaultWebSecurityExpressionHandler) { ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null); } if (bean instanceof SecurityContextHolderAwareRequestFilter) { ((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix(""); } return bean; }
/** * JSP / Thymeleaf Permissions */ @Bean public DefaultWebSecurityExpressionHandler webExpressionHandler(){ return new DefaultWebSecurityExpressionHandler(){{ setPermissionEvaluator(permissionEvaluator()); }}; }
/** * Gets the {@link SecurityExpressionHandler} which is used for role hierarchy definition * * @return authenticationTokenFilter */ private SecurityExpressionHandler<FilterInvocation> expressionHandler() { DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler(); defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy()); return defaultWebSecurityExpressionHandler; }
@Override public void configure(WebSecurity web) throws Exception { web.expressionHandler(new DefaultWebSecurityExpressionHandler() { @Override protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation fi) { WebSecurityExpressionRoot root = (WebSecurityExpressionRoot) super.createSecurityExpressionRoot(authentication, fi); //root.setDefaultRolePrefix(""); //remove the prefix ROLE_ return root; } }); }
private SecurityExpressionHandler<FilterInvocation> webExpressionHandler() { DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler(); defaultWebSecurityExpressionHandler.setDefaultRolePrefix(""); return defaultWebSecurityExpressionHandler; }
@Bean public SecurityExpressionHandler<FilterInvocation> webSecurityExpressionHandler(RoleHierarchy roleHierarchy) { final DefaultWebSecurityExpressionHandler handler = new CustomWebSecurityExpressionHandler(); handler.setRoleHierarchy(roleHierarchy); return handler; }
@Bean public DefaultWebSecurityExpressionHandler getWebExpressionHandler() { DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler(); handler.setPermissionEvaluator(getPermissionEvaluator()); return handler; }
private SecurityExpressionHandler<FilterInvocation> webExpressionHandler() { DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler(); defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy); return defaultWebSecurityExpressionHandler; }
private SecurityExpressionHandler<FilterInvocation> webExpressionHandler() { DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler(); defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy()); return defaultWebSecurityExpressionHandler; }
@Bean public DefaultWebSecurityExpressionHandler webexpressionHandler(){ return new DefaultWebSecurityExpressionHandler(); }
private SecurityExpressionHandler<FilterInvocation> webExpressionHandler() { DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler(); handler.setRoleHierarchy(roleHierarchy()); return handler; }