java - sec:authorize doesn't work for newly added users -


i have done spring security databbases tutorial mkyong. working fine, when i'm adding new user users , user_roles table , logining on these accounts sec:authorize access="hasrole('role_user')" doesn't work , data in sec:authorize tag isn't displayed.

there spring-security settings

<beans:beans xmlns="http://www.springframework.org/schema/security"     xmlns:beans="http://www.springframework.org/schema/beans"      xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"     xsi:schemalocation="http://www.springframework.org/schema/beans     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd     http://www.springframework.org/schema/security     http://www.springframework.org/schema/security/spring-security-3.2.xsd">      <!-- enable use-expressions -->     <http auto-config="true" use-expressions="true">          <intercept-url pattern="/admin**" access="hasrole('role_admin')" />          <!-- access denied page -->         <access-denied-handler error-page="/403" />          <form-login              login-page="/login"              default-target-url="/welcome"              authentication-failure-url="/login?error"              username-parameter="username"             password-parameter="password" />         <logout logout-success-url="/login?logout"  />         <!-- enable csrf protection -->         <csrf/>     </http>      <!-- select users , user_roles database -->     <authentication-manager>       <authentication-provider>         <jdbc-user-service data-source-ref="datasource"           users-by-username-query=             "select username,password, enabled users username=?"           authorities-by-username-query=             "select username, role user_roles username =?  " />       </authentication-provider>     </authentication-manager>  </beans:beans>

and there mentioned code sec:authorize block

<sec:authorize access="hasrole('role_user')">         <!-- login user -->         <c:url value="/j_spring_security_logout" var="logouturl" />         <form action="${logouturl}" method="post" id="logoutform">             <input type="hidden" name="${_csrf.parametername}"                 value="${_csrf.token}" />         </form>         <script>             function formsubmit() {                 document.getelementbyid("logoutform").submit();             }         </script>          <c:if test="${pagecontext.request.userprincipal.name != null}">             <h2>                 user : ${pagecontext.request.userprincipal.name} | <a                     href="javascript:formsubmit()"> logout</a>             </h2>         </c:if>       </sec:authorize>

i can check if user logged in in controller, sec:authorize doesn't work in session in newly created user logged in:

//this works if (!(auth instanceof anonymousauthenticationtoken)) {             userdetails userdetail = (userdetails) auth.getprincipal();             model.addobject("username", userdetail.getusername());         }

problem solved.

as @holmis83 suggested, have added 

<sec:authentication property="principal.authorities"/>

to check content of role column in user_roles table in db. turned out saving roles 'user_role' , should 'role_user'. have updated users roles proper values , works well.


Comments

Post a Comment

Popular posts from this blog

html - Outlook 2010 Anchor (url/address/link) -

i'm trying link specific pdf page msoutlook'10 or msword'10, #page=... anchor particularly useful , works fine elsewhere. unfortunately when click [ctr-k] in outlook or winword, links re-formatted assuming unc path. pdf file located on shared drive. using "file:" prefix links open pdf in adobe reader (outside of browser), , "http:" open inside browser. issue seem need open in browser "file:" prefix in order anchor work. know anchors work inside browser. outlook uses windows/explorer default program (based on file extension) seems open in adobe reader neglecting anchor. is aware of solution, link specific page or bookmark of shared-pdf ms outlook and/or winword link? common references: mailermailer.com/...anchor-tags-html-emails campaignmonitor.com/...anchor-links-in-email-newsletters/ stackoverflow.com/...anchor-in-pdf-document
Read more

javascript - Why does running this loop 9 times take 100x longer than running it 8 times? -

consider code: test = function() { } t = new test(); (var = 0; < 8; i++) { result = t instanceof test; } if change number of iterations 8 9 , loop take 100 times longer complete in latest version of firefox (41.0.1). tested on 2 different pcs , magic limit 8. here jsperf test used: http://jsperf.com/instanceof-8-times-vs-9-times does have idea why might happen? seems specific instanceof . not happen if else object, example check property. note: filed bugzilla bug this. jan de mooij mozilla team has posted details in bugzilla thread . here's simplistic interpretation of highly technical answers: in i < 8 case, firefox smart enough hoist result = t instanceof test; statement out of loop (according tests, doesn't seem omit altogether). in i < 9 case, apparently doesn't optimization . why? reason not clear, related fact 9 iterations threshold above function considered "hot" enough run through jit compiler. i < 8 cas...
Read more

Getting gateway time-out Rails app with Nginx + Puma running on Digital Ocean -

following this guide setup app on digital ocean droplet, not working. site not loading , it's throwing: "gateway time-out". the puma server works, since ps aux | grep puma prints: root 15878 0.0 0.4 376832 2168 ? sl 12:50 0:00 puma 2.13.4 (unix:///var/www/myapp/shared/tmp/sockets/myapp-puma.sock) [20150930164940] root 15881 0.0 0.7 903676 3692 ? sl 12:50 0:06 puma: cluster worker 0: 15878 [20150930164940] root 24654 0.0 0.1 11748 916 pts/2 s+ 18:00 0:00 grep --color=auto puma my nginx config: user root; worker_processes 1; events { worker_connections 1024; } http { upstream puma { server unix:///var/www/myapp/shared/tmp/sockets/myapp-puma.sock; } server { listen 80; server_name myapp.com; root /var/www/myapp/current/public; access_log /var/www/myapp/current/log/access.log; error_log /...
Read more