java - spring security filter chain patterns -

-

when using spring security map chain of filters url patters specify how urls secured. these patterns can contain wildcards such as

/foo/*/bar /foo/**/bar

i couldn't find docs these wildcards, guess first pattern match

/foo/baz/bar

but not

/foo/baz/baz/bar

whereas second pattern (/foo/**/bar) match both of these

maybe code help:

<?xml version="1.0" encoding="utf-8"?> <beans xmlns="http://www.springframework.org/schema/beans"     xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xmlns:security="http://www.springframework.org/schema/security"     xmlns:p="http://www.springframework.org/schema/p"     xsi:schemalocation="http://www.springframework.org/schema/beans                            http://www.springframework.org/schema/beans/spring-beans.xsd                            http://www.springframework.org/schema/security                            http://www.springframework.org/schema/security/spring-security-3.1.xsd">      <security:http auto-config="true">          <security:intercept-url pattern="/login.do"             access="is_authenticated_anonymously" />         <security:intercept-url pattern="/logout.do"             access="is_authenticated_anonymously" />         <security:intercept-url pattern="/fail2login.do"             access="is_authenticated_anonymously" />         <security:intercept-url pattern="/json/*.do"             access="is_authenticated_anonymously" />          <security:intercept-url pattern="/*" access="role_admin" />         <security:form-login login-page="/login.do"             default-target-url="/home.do" authentication-failure-url="/fail2login.do" />          <security:session-management>             <security:concurrency-control                 max-sessions="1" />         </security:session-management>         <security:logout logout-success-url="/logout.do"             delete-cookies="jsessionid" invalidate-session="true" />     </security:http>      <security:authentication-manager>         <security:authentication-provider>             <security:jdbc-user-service                 data-source-ref="datasource"                 users-by-username-query="select username, password, status user username=?"                 authorities-by-username-query="select us.username, ur.userrolename user us, userrole ur                    ur.username =?  " />         </security:authentication-provider>     </security:authentication-manager> </beans>

Comments

Post a Comment

Popular posts from this blog

python - How to create jsonb index using GIN on SQLAlchemy? -

-
here's current code creating index jsonb. index("mytable_data_idx_id_key", mytable.data['id'].astext, postgresql_using='gin') but got error. sqlalchemy.exc.programmingerror: (psycopg2.programmingerror) data type text has no default operator class access method "gin" hint: must specify operator class index or define default operator class data type. [sql: "create index event_data_idx_id_key on event using gin ((data ->> 'id'))"] is there way create index on sqlalchemy? the postgresql specific sqlalchemy docs @ http://docs.sqlalchemy.org/en/latest/dialects/postgresql.html#operator-classes mention postgresql_ops dictionary provide "operator class" used postgresql, , provide example illustrating use: index('my_index', my_table.c.id, my_table.c.data, postgresql_ops={ 'data': 'text_pattern_ops', ...
Read more

PHP DOM loadHTML() method unusual warning -

-
i had following code works fine on localhost: $document = new domdocument(); $document->loadhtml($p_result); $form = $document->getelementsbytagname('form')->item(0); // code continues using $form variable after same code updated on outside server, loadhtml() failed , issued warning. warning: domdocument::loadhtml() expects parameter 1 valid path, string given in path/name/to/script.php returned null instead of object code pretty gets fatal error. note contents of $p_result absolutely same on outside server , on localhost. but why displays kind of warning , why not work? doesn't loadhtml() expects argument 1 string in first place? why method expects parameter 1 valid path ? just make clear i'm not calling loadhtmlfile() , i'm calling loadhtml() . thanks. you're affected one of php bugs . issue present in php 5.6.8 , 5.6.9. have affected php version on server, , bug-free version on localhost. the bug forbids null ...
Read more

c# - TransactionScope not rolling back although no complete() is called -

-
i'm using transactionscope rollback transaction fail bool errorreported = false; action<importerrorlog> newerrorcallback = e => { errorreported = true; errorcallback(e); }; using (var transaction = new transactionscope()) { foreach (importtaskdefinition task in taskdefinition) { loader.load(streamfile, newerrorcallback, task.destinationtable, processingtaskid); } if (!errorreported) transaction.complete(); } i'm sure there no transactionscope started ahead or after code. i'm using entity framework insert in db. regardless state of errorreported transaction never rolled in case of error. what missing ? transactionscope sets transaction.current . that's does. wants transacted must @ property. i believe ef each time connection opened reason. probably, connection open when scope installed. open connection inside of scope or enlist manually. ef has nasty "design decision": default opens ...
Read more