Prevent Method call without Exception using @PreAuthorize Annotation

Posted by Chepech on Stack Overflow See other posts from Stack Overflow or by Chepech
Published on 2011-01-07T00:18:29Z Indexed on 2011/02/17 15:25 UTC
Read the original article Hit count: 299

Filed under:
|

Hi all.

We are using Spring Security 3. We have a custom implementation of PermissionEvaluator that has this complex algorithm to grant or deny access at method level on the application. To do that we add a @PreAuthorize annotation to the method we want to protect (obviously). Everything is fine on that. However the behavior that we are looking for is that if a hasPermission call is denied, the protected method call only needs to be skipped, instead we are getting a 403 error each time that happens.

Any ideas how to prevent that?


You can find a different explanation of the problem here; AccessDeniedException handling during methodSecurityInterception

© Stack Overflow or respective owner

Related posts about spring

Related posts about spring-security