2013-02-19 48 views
1

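Spring Security @PostFilter is not triggered

My controller has two methods. The listJson method calls the list1 method to get all the items and returns them in JSON format. I have a @PostFilter on the list1 method to filter the items, and the filter is not being triggered.

The problem is not related to configuration, because for testing purposes I tried putting the @PostFilter on the listJson method, and it fires. Could you assist me with this? I would appreciate it.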

    @RequestMapping(produces = "application/json")
    @ResponseBody
    public String listJson(HttpServletRequest request, HttpServletResponse response) {

        List<Project> items = list1(request, response, Project.class);
        return JsonHelper.toJsonArray(items, request.getContextPath());
    }

    @PostFilter("hasPermission(filterObject, 'read')")
    private List<Project> list1(HttpServletRequest request, HttpServletResponse response, Class<Project> clazz) {
        Integer[] ia = WebHelper.getDojoGridPaginationInfo(request);
        Integer firstResult = ia[0];
        Integer lastResult = ia[1];

        Entry<String, String> orderBy = WebHelper.getDojoJsonRestStoreOrderBy(request.getParameterNames());
        Where where = WebHelper.FromJsonToFilterClass(request.getParameter("filter"));
        List<Project> items = JpaHelper.findEntries(firstResult, lastResult - firstResult + 1, orderBy, where, clazz);
        Integer totalCount = JpaHelper.countEntries(where, clazz).intValue();

        WebHelper.setDojoGridPaginationInfo(firstResult, lastResult, totalCount, response);

        return items;
    }

In webmvc-config.xml:

    <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
        <security:expression-handler ref="expressionHandler"/>
    </security:global-method-security>

    <bean id="myPermissionEvaluator" class="org.springframework.security.acls.AclPermissionEvaluator">
        <constructor-arg ref="aclService" />
    </bean>

    <bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
        <property name="permissionEvaluator" ref="myPermissionEvaluator"/>
    </bean>

Answer

1

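If the list1 method is a method in the same class/instance as listJson, the security advice on the method in the class you are dealing with will not be invoked.

However, if you were to move the list1 method into an injected service class, you would have an advised object that honors the annotation.

Edit: I wanted to make this clearer, so I have included a diagram that hopefully explains it better.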

    /mapping -> Project.listJson(HttpServletRequest, HttpServletResponse)
                     |
                     |
            ---------------------
            | listJson          |
            |                   |---------|
            |                   |         |
            |                   |         | list1
            |                   |         |
            | list1             |<--------|
            |                   |
            ---------------------

    /mapping -> Project.listJson(HttpServletRequest, HttpServletResponse)
                     |
                     |
            ---------------------
            | listJson          |<--------------------------------|
            | svc.list1         |--------->advised(Service)       | run @PostFilter
            |                   |            |                    |
            ---------------------            | list1              |
                                             |                    |
            ---------------------            |                    |
            | Service           |            |                    |
            | list1             |<-----------|                    |
            |                   |                                 |
            |                   |---------------------------------|
            ---------------------
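
The behaviour in the two diagrams, reproduced without Spring as an added example (not code from the question or the answer): a JDK dynamic proxy stands in for the advised object, and a simple `removeIf` stands in for the `hasPermission` filter. The names `ProjectService`, `ProjectServiceImpl` and `advise` and the sample data are hypothetical.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;

public class SelfInvocationDemo {

    // Hypothetical service interface, standing in for the injected service.
    interface ProjectService {
        List<String> list1();     // the method that carries the filter
        List<String> listJson();  // calls list1() on the same instance
    }

    static class ProjectServiceImpl implements ProjectService {
        public List<String> list1() {
            // Constructed sample data: "secret" must not reach the caller.
            return new ArrayList<>(List.of("public-a", "secret", "public-b"));
        }

        public List<String> listJson() {
            // Self-invocation: this is a call on `this`, so it never passes the proxy.
            return list1();
        }
    }

    // Stand-in for the security advice: post-filters the result of list1() only.
    static ProjectService advise(ProjectService target) {
        InvocationHandler handler = (proxy, method, args) -> {
            Object result = method.invoke(target, args);
            if (method.getName().equals("list1")) {
                @SuppressWarnings("unchecked")
                List<String> items = (List<String>) result;
                // Plays the role of @PostFilter("hasPermission(filterObject, 'read')").
                items.removeIf(item -> item.equals("secret"));
            }
            return result;
        };
        return (ProjectService) Proxy.newProxyInstance(
                ProjectService.class.getClassLoader(),
                new Class<?>[] {ProjectService.class}, handler);
    }

    public static void main(String[] args) {
        ProjectService svc = advise(new ProjectServiceImpl());
        // Call enters through the proxy, so the filter runs.
        System.out.println("svc.list1()    -> " + svc.list1());
        // Only listJson() is intercepted; its inner list1() call skips the filter.
        System.out.println("svc.listJson() -> " + svc.listJson());
    }
}
```

The second call is the authorization gap to look for in review: a filtering annotation on a method that is only ever reached from inside its own class protects nothing.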