https://github.com/bitsofinfo/spring-boot-pre-authorize-issue-01
https://github.com/spring-projects/spring-security/issues/4020
https://github.com/bitsofinfo/spring-boot-pre-authorize-issue-01
Last synced: 10 months ago
JSON representation
https://github.com/spring-projects/spring-security/issues/4020
- Host: GitHub
- URL: https://github.com/bitsofinfo/spring-boot-pre-authorize-issue-01
- Owner: bitsofinfo
- Created: 2016-08-09T20:59:33.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2016-08-12T00:27:21.000Z (over 9 years ago)
- Last Synced: 2025-01-29T11:12:55.513Z (12 months ago)
- Language: Java
- Homepage:
- Size: 53.7 KB
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# spring-boot-pre-authorize-issue-01
https://github.com/spring-projects/spring-security/issues/4020
https://gitter.im/spring-projects/spring-security?at=57a9d71346610f17394b8ed5
In `Application.java`
Uncomment the block below for have `@PreAuthorize` annotations defined in `TestRecordRepository`
**NOT be evaluated** (unexpected)
Comment out the block, and `@PreAuthorize` annotations in `TestRecordRepository` will work as expected
See: `MyPermissionEvaluator.java` which will be executed as evidence of the
`@PreAuthorize` annotations working or not (prints to STDOUT)
```
@Autowired
private TestRecordRepository testRecordRepository;
```
```
./gradlew bootRun
```
To invoke, hit `http://localhost:8080/testrecords/search/findByFirstname?fn=1`
If the `@PreAuthorize` annotations are being evaluated you will see entries like the following
on the console stdout on each request:
```
hasPermission() org.springframework.security.authentication.AnonymousAuthenticationToken@9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS target: 1 perm:READ
```