spring mvc - SpringSecurity, security annotations and MVC validation -


i have restful application developed springmvc 4. use security annotations on service layer , works well. have following (common) situation: rest controller receives json needs validated, security on service layer validation performed before security control. means unaothorized user receives validation errors before access denied error.

i have tried move @secured annotation on controller method, strangely not work.

the ideal solution move validation in service layer, not seem possible.

what best solution in these cases?

@service public class myserviceimpl {     @secured("is_authenticated_fully")     public responsedto servicemethod(requestdto richiesta) {       //do stuff    }  }    @restcontroller @requestmapping("/api/v1/blabla") public class blablacontroller {      @autowired     myservice myservice;      @requestmapping(method=requestmethod.post)     @responsebody myresponsedto blablamethod(@requestbody @valid requestdto req) {       return myservice.servicemethod(req);     } } 

i answer own question.

the solution enable validation @ service layer , validate bean when service method invoked.

in applicationcontext.xml:

<bean class="org.springframework.validation.beanvalidation.methodvalidationpostprocessor"/> 

and in myservice interface:

@validated public interface myservice {     responsedto servicemethod(@valid requestdto richiesta); } 

hope helps else.


Comments

Popular posts from this blog

matlab - "Contour not rendered for non-finite ZData" -

delphi - Indy UDP Read Contents of Adata -

javascript - Any ideas when Firefox is likely to implement lengthAdjust and textLength? -