SEC-2419: [patch] Impossible to set the PublishAuthorizationSuccess flag on FilterSecurityInterceptor using JavaConfig #2636
Assignees
Labels
in: config
An issue in spring-security-config
status: declined
A suggestion or change that we don't feel we should currently apply
type: enhancement
A general enhancement
type: jira
An issue that was migrated from JIRA
Comments
|
Rob Winch said: We don't want to add every property to the Spring Security configuration support for the same reason that we do not want to add every property to the XML namespace configuration. IF we did add every property, the complexity of using the Security Java Configuration would be the same as using standard Spring Beans. Instead, I suggest that you use the ObjectPostProcessor. This was not previously documented, so I have added it to the reference as part of SEC-2424. Refer to the commit for a full example 0b996c6 |
|
Mat Booth said: I see, thanks for the hint. |
|
Rob Winch said: No problem. Thanks for raising the issue which brought to light that withPostProcessor was not documented yet! |
spring-projects-issues
added
in: config
rwinch
added
the
status: declined
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Mat Booth (Migrated from SEC-2419) said:
When configuring with the ExpressionUrlAuthorizationConfigurer I am able to set the "OncePerRequest" flag on the FilterSecurityInterceptor with the following code:
But I am not able to set the "PublishAuthorizationSuccess" flag in a similar way. The pull request makes a change to the AbstractInterceptUrlConfigurer that makes possible the following configuration:
The text was updated successfully, but these errors were encountered: