Most voted "spring-security" questions
Spring Security was previously known as Acegi Security because it was a parallel project to the Spring Framework and was gradually integrated into it. When I say 'integrated' I mean that it (Acegi Security) continued to be developed based on Spring, that is, it works perfectly on the Spring container.
Learn more…145 questions
Sort by count of
-
18
votes2
answers4712
viewsHow to create Permissions (Permissions) instead of Roles (Roles) in Spring Security?
I am developing an Access Control module for my web application using Spring Security (3.1.4 - the latest release) and ran into a limitation in the mechanism of Authorization, as the framework only…
-
13
votes1
answer487
viewsChange the scroll of spring-security by bean
I’m using the spring-security to authenticate my user, until then beauty, now I want to be able to exchange the user’s role for managed bean, someone has an idea? Type I have several modules and…
-
12
votes2
answers1221
viewsSpring Security with Java EE
Hello, I am developing a Maven Enterprise Application EAR project and am currently implementing the authorization part using Spring Security with Annotation instead of xml. Structure of the Project:…
-
12
votes2
answers669
viewsJAAS or Spring Security on page control
I’m doing an Eclipse project with JSF 2.2, JPA 2.1, Hibernate 5, Primefaces 5.3, CDI (Weld 1.1). I want to implement the security part of the application and I’m in doubt between JAAS and Spring…
-
9
votes1
answer817
viewsSpring Security, display message when log out
I am controlling the session of my application with Spring Security, I have two rules to end the session, max-Session <session-management> <concurrency-control max-sessions="1"…
-
8
votes3
answers644
viewsHow to create a "Main" in an application that consumes a REST service that has all the entities in the system?
I am with the following web application created initially for and web using Spring Boot, Spring Security and Thymeleaf (authentication and authorization). I did a REST job and separated the…
-
5
votes1
answer422
viewsHow to create a sign-up page using JSF + Spring
I am creating a user registration page but am finding the following error: type Exception report message Unable to create instance for class: managedBean.Cadastrobean. Description The server…
-
5
votes2
answers771
viewsHow to hide menu items using spring security?
I am using spring security to control access to my web application. I have already managed to implement the control that each type of user will have in relation to the urls, now I would like to hide…
-
5
votes1
answer2602
viewsget login username with Spring Security
Hello, I come here to ask for help about Spring Security. I would like to know how I can get the username logged in. I use authentication with login and password but when I use the search method it…
-
5
votes1
answer396
viewsHow to expose a bean method to use spring dependency injection
I need to expose a method like a bean on ApplicationContext of Spring to use it in the injection of an attribute, which has more than one implementation. What I did was the following: I added the…
-
4
votes1
answer359
viewsWhat programming should be done to use Spring Security with Jboss with annotations?
According to requirements of a project that is in the research phase, I need a large distributed system to work properly with Spring, at the moment I am having a lot of difficulties in integrating…
-
4
votes1
answer528
viewsProblems Implementing Spring Security
I am implementing Spring Security in a project, however, I have come across some problems. I will put the code of contexts, the part of web.xml for Spring Security and how I put it on a page for you…
-
4
votes3
answers2362
viewsHow to Recover User Session
I just wanted to retrieve a user’s session. I have a class called User system, that identifies which user is logging in. In this class, I take the session and play for an object. @ManagedBean(name =…
-
4
votes1
answer380
viewsProblem with Spring Security - page not located
When the user accesses a page that he does not have authorization for, it is to be directed to the page of AcessoNegado.xhtml. But it presents the following image: This page is located here:…
-
4
votes2
answers643
viewsHow to send an error message to view
I am a little lost here, I would like to put a parameter in the view to inform the user that his password is wrong, expired etc. the problem that spring-security identifies.…
-
4
votes1
answer348
viewsValidation of quantity of sessions with spring boot and spring security
I need to validate the number of sessions that may exist, so that the user cannot log into two places at the same time with the same credentials. Reading the Spring Security documentation and posts,…
-
4
votes1
answer744
viewsWhat are the dangers of keeping the Oauth2 token on the frontend?
I believe I am paranoid, but I could not find any situation similar to mine (if you know pass me the link, I am grateful) so I wanted to ask this question to get a definitive answer. Before the…
-
3
votes0
answers385
viewsExample of Spring Security Does not work in Jboss, what should be done to make the example compatible?
Continuing my studies in the use of Spring Security and Servelet 3.0 I am trying to follow the suggested examples in the tutorial Hello MVC - Running the insecure MVC Application, but such examples…
-
3
votes1
answer672
viewsHow to check if my spring application is in production environment?
when it is in production I want that when it falls into an exception send an email to the support but only in production , in development I do not want it to perform this task .
java spring spring-mvc spring-security spring-bootasked 9 years, 4 months ago Jose Vieira Neto 2,560 -
3
votes1
answer273
viewsCustom Session generated by spring
I have the following scenario: an application nodejs that saves the session in redis. another spring q application also saves the session in redis. I would like to share this same session between…
-
3
votes2
answers454
viewsHide screen options if user does not have permission
I’m having a hard time in a web application I’m creating here, I’m using spring security to control access, session and login, with backend java with restful and frontend with primefaces. I wonder…
-
3
votes1
answer811
viewsAuthentication with Spring Security
Hello, I am doing a project using the Spring Framework, and I need to do a very simple authentication, using users created in the user table even (without any integration with social networks). But…
-
3
votes0
answers940
viewsDifficulty implementing password encryption with Spring Boot
By the title you can see that it is a Spring Boot project, and being a Spring Boot project many things already come configured by Frameworks, but do not know regarding the implementation of password…
-
3
votes1
answer248
viewsHyperlink login with user and password in email with JSF and Spring Secutity
I have a system in JSF(with primefaces) with spring security. When the user registers it receives an e-mail with user and password. Okay - It works. However I would like to send in the body of the…
-
3
votes2
answers3143
views.antMatchers(). permitAll() does not seem to work
Edit02 Habilitei spring-security in my project, and now every API needs authentication, perfect was what I needed. But I want only one API not to need authentication. I tried to use…
-
3
votes2
answers295
viewsError in Spring: console Delete request points out that the method is not supported
I am making a request via Ajax to delete a user and get the message that the delete method is not supported, someone has any idea what could be? My controller: package com.br.livraria.controller;…
-
3
votes1
answer349
viewsJWT token with spring, for user authentication
When trying to validate this method: Jws<Claims> parseClaimsJws = setSigningKey.parseClaimsJws(token);, it shows this exception on the screen JWT signature does not match locally computed…
-
3
votes4
answers5979
viewsError while running spring security
I’m having the following mistake: Field authenticationManager in com.ronaldo.money.api.config.AuthorizationServerConfig required a bean of type…
-
3
votes1
answer1050
viewsSpring Security blocks POST requests despite settings
I am developing a REST API based on Spring Boot (spring-boot-starter-web) where I use Spring Security (spring-security-core and spring-security-config) to configure the protection of different…
-
3
votes1
answer709
viewsCustomization Spring Security 403
Fala galera! Follow my lead: I have an application with JWT authentication. The authentication is done in the database and I need to add now 2 more validations: failed count on login and registered…
-
3
votes1
answer108
viewsAuthentication Spring Security
PROBLEM How do I have spring security redirect to my project’s custom page? import org.springframework.context.annotation.Bean; import…
-
2
votes1
answer125
viewsStruts2 with Spring Security Oauth2 plugin
I wonder if it is possible to use the Oauth2 plugin of Spring Security with Struts2 or if this plugin has some restriction that only allows to work in Springmvc?
-
2
votes1
answer109
viewsChange Active Profiles Spring at runtime
I usually use this code snippet to define the profile of the application <servlet> <servlet-name>dispatcher</servlet-name>…
-
2
votes1
answer96
viewsIs it possible to have multiple form-login with Spring Security in the same application?
Well the starting question may seem a little confusing, but basically I would like to know if it is possible to have more than one spring validation form security:form-login, because I have in my…
-
2
votes0
answers305
viewsError while logging in with Spring Security and JSF
I am trying to implement a login with Spring Security 4.0.1.RELEASE and JSF 2.2, when trying to log in it always returns as invalid login. login.xhtml <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0…
-
2
votes1
answer210
viewsCustomize error page to connect timed out in Spring
I’m trying to create a friendly error page in case LDAP is off the air, but unfortunately the only answer I have is j_spring_security_check. I tried to map the exception in web.xml, but I was…
-
2
votes1
answer649
viewsJSF 2, CDI 1.1, Springsecurity 4: Custom login form does not redirect to page
I’m making an application with JSF 2, Springsecutiry 4 and CDI 1.1. I did the entire implementation of Springsecurity with JSF and apparently everything worked normally, but when making the custom…
-
2
votes1
answer455
viewsRecover Cookies in Spring Security Authentication
How can I recover cookies when the user logs in through Spring Security and with the implementation of the interface AuthenticationProvider? If I recover an instance of HttpServletRequest from a…
-
2
votes1
answer311
viewsRepository - Record Filter according to user permission
Searching on how to filter records with Restpository, I found the annotations: @Preauthorize @Prefilter @Postfilter It has 2 roles in the system: ROLE_ADMIN and ROLE_USER and ROLE_ADMIN can access…
-
2
votes2
answers2249
viewsHow to release CORS to a particular address?
I’m not getting the release CORS for http://localhost:8080, am using Spring Security. I find the following error: Xmlhttprequest cannot load http://localhost:9991/login. Response to preflight…
-
2
votes0
answers483
viewsSpring Security Oauth2 in API Rest
Good morning. I have a Web Service Rest implemented and I am working on the security of it at the moment. This Web Service has been implemented using Spring Boot. Initially I will have as customers…
-
2
votes1
answer1094
viewsHow do I login to Spring Security, JSF 2.2, and Managedbean?
Hello. I need some help. I am configuring Spring Security in a JSF Project 2.2. Using Annotation. I’ve been able to configure the filters. But I don’t understand how to configure login Managedbean…
-
2
votes0
answers159
viewsSpring secutity Oauth2
It generates the token { "access_token": "0b42ea14-6a21-44fc-9f65-df60f9130542", "token_type": "bearer", "refresh_token": "3653d5f8-161a-4ee2-b3b5-df9e1da4b9a7", "expires_in": 498, "scope": "bar…
-
2
votes0
answers78
viewsInject EJB in Bean Spring
I’m working on a Java EE + Primefaces + JPA project with EJB. In the authentication part I decided to use Spring Security, but I’m having a hard time getting the EJB inside the Spring controller. I…
-
2
votes0
answers223
viewsGet User name in jsf session
I’m having doubts about how to get the username in the session. I’m using Spring Security 4.2 I have my User Class import javax.persistence.Entity; import javax.persistence.GeneratedValue; import…
-
2
votes1
answer137
viewsProblems with improper access to urls in the application with Spring Security
I have a page, which uses Thymeleaf to update a user’s profile and on this page there are two buttons that allow you to update the profile and the other button allows you to remove the profile of…
-
2
votes1
answer163
viewsHow to configure the Auditor using Spring Boot 2.0.2
Here’s a class I used with spring framework version 4.3.4.RELEASE (I still didn’t use spring boot) and that worked: import org.springframework.data.domain.AuditorAware; import…
-
2
votes0
answers45
viewsJWT + Spring Security without authentication
Good afternoon, you guys. I have an application where I receive a JWT token, login is treated in a separate application and in this token I get the roles. I need to use Spring Security to validate…
-
2
votes1
answer738
viewsPermissions Spring Security
I’m having trouble with the user permissions using Spring Security. I registered the user assigns to him the permission due to him, but when accessing the system the option in the menu that the user…
-
2
votes0
answers256
viewslocalhost redirected it too often
Good afternoon, I am trying to direct a system user to an error page in case something goes wrong with the session or if the user is denied access to a particular page etc... I’m using Spring…