Skip to content

mkrasuski/bug-9158

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
gradle/wrapper
gradle/wrapper
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

bug-9158

this project demonsrates Spring Security Bug #9158

Security configuration adds filter granting user with ADMIN role, role hierarchy with ROLE_ADMIN > ROLE_USER and three endpoints showing that:

  • /admin mapped with @Secured works for granted ADMIN role
  • /user mapped with @Secured DOES NOT work for USER role granted via hierarchy
  • /userPre mapped with @PreAuth with spel hasRole(USER) works as supposed via hierarchy

probably just exchanging RoleVoter with RoleHierarchyVoter will do the trick, but I'm not sure what about regression

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages