Change spring-security role by bean

12

I'm using spring-security to authenticate my user, until now, I want to be able to change the user role for managed bean , does anyone have an idea?

Type I have several modules and each user has a role for each module then when he clicks on the module I want to get the session user to see the database what his role is and then move to the module.

Thatis,IhaveascreenwheretheuserlogsintothesystemandthemodulesthathehasaccesstoappearbutIdidnotloadhispermissionsineachmodulewhenIclickonthemoduleIwanttogotothebankandgettherolethathasaccesstothismodulemodule,belowthescreenexample:

You will see that I have a user logged in with the role_root and when he clicks the SAR he has to have the role_user.

    
asked by anonymous 04.05.2015 / 21:36

1 answer

0

To solve your problem you will have to implement HandlerInterceptorAdapter and validate through the url's calls.

Para isso adicione em suas configurações: 

    <mvc:interceptor>
        <mvc:mapping path="/**" />
        <bean class="com.exemplo.security.RequestInterceptor" />
    </mvc:interceptor>

And implement the same:

public class RequestInterceptor extends HandlerInterceptorAdapter {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {


        if (request.getServletPath().endsWith("/login"))
            return super.preHandle(request, response, handler);

        // não validar requisição de arquivos do resources. CSS, JS
        if  (request.getServletPath().startsWith("/resources/")) {
            return super.preHandle(request, response, handler);
        }


        // valida URL
        String urlRequest = request.getServletPath();

        // faz sua regra de negocio

    }
}

Get the database system area that the user can access and validate if the url corresponds to the area that the user can access.

    
28.09.2015 / 18:48