spring mvc - SpringSecurity, security annotations and MVC validation -
i have restful application developed springmvc 4. use security annotations on service layer , works well. have following (common) situation: rest controller receives json needs validated, security on service layer validation performed before security control. means unaothorized user receives validation errors before access denied error.
i have tried move @secured annotation on controller method, strangely not work.
the ideal solution move validation in service layer, not seem possible.
what best solution in these cases?
@service public class myserviceimpl { @secured("is_authenticated_fully") public responsedto servicemethod(requestdto richiesta) { //do stuff } } @restcontroller @requestmapping("/api/v1/blabla") public class blablacontroller { @autowired myservice myservice; @requestmapping(method=requestmethod.post) @responsebody myresponsedto blablamethod(@requestbody @valid requestdto req) { return myservice.servicemethod(req); } }
i answer own question.
the solution enable validation @ service layer , validate bean when service method invoked.
in applicationcontext.xml:
<bean class="org.springframework.validation.beanvalidation.methodvalidationpostprocessor"/>
and in myservice interface:
@validated public interface myservice { responsedto servicemethod(@valid requestdto richiesta); }
hope helps else.
Comments
Post a Comment