O'Reilly logo

Spring MVC Cookbook by Alex Bretet

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authorizing on services and controllers

In this recipe, we restrict the access to services and controllers depending upon the authorities that are granted to users.

Getting ready

We are going to install interceptors on specific URL paths and method-invocations, which will trigger a predefined authorization workflow: the AbstractSecurityInterceptor workflow.

In order for us to test these services' restrictions, we also slightly customized the Swagger UI to use it over a BASIC authentication.

How to do it...

  1. We updated our CustomBasicAuthenticationEntryPoint class for this new version that allows the browser native BASIC-form to be prompted when the call is made from Swagger UI:
    public class CustomBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required