2013-02-19 49 views

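Spring Security @PostFilter is not triggered

My controller has two methods. The listJson method calls the list1 method to get all the projects and returns them in JSON format. I have a @PostFilter on the list1 method to filter the items, and the filter is not being triggered.

The problem is not related to configuration, because for testing purposes I tried putting the @PostFilter on the listJson method and it does get triggered. Could you assist me with this? I would appreciate it.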

    @RequestMapping(produces = "application/json")
    @ResponseBody
    public String listJson(HttpServletRequest request, HttpServletResponse response) {

        List<Project> items = list1(request, response, Project.class);
        return JsonHelper.toJsonArray(items, request.getContextPath());
    }

    @PostFilter("hasPermission(filterObject, 'read')")
    private List<Project> list1(HttpServletRequest request, HttpServletResponse response, Class<Project> clazz) {
        Integer[] ia = WebHelper.getDojoGridPaginationInfo(request);
        Integer firstResult = ia[0];
        Integer lastResult = ia[1];

        Entry<String, String> orderBy = WebHelper.getDojoJsonRestStoreOrderBy(request.getParameterNames());
        Where where = WebHelper.FromJsonToFilterClass(request.getParameter("filter"));
        List<Project> items = JpaHelper.findEntries(firstResult, lastResult - firstResult + 1, orderBy, where, clazz);
        Integer totalCount = JpaHelper.countEntries(where, clazz).intValue();

        WebHelper.setDojoGridPaginationInfo(firstResult, lastResult, totalCount, response);

        return items;
    }

In webmvc-config.xml:

    <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
        <security:expression-handler ref="expressionHandler"/>
    </security:global-method-security>

    <bean id="myPermissionEvaluator" class="org.springframework.security.acls.AclPermissionEvaluator">
        <constructor-arg ref="aclService" />
    </bean>

    <bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
        <property name="permissionEvaluator" ref="myPermissionEvaluator"/>
    </bean>

Answers


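If the list1 method is a method within the same class/instance as listJson, then you are dealing with a method within the class, and the security advice will not be invoked.

However, if you were to move the list1 method into an injected service class, you would have an advised object that honors the annotation.

Edit: I wanted to make this clearer, so I have included a diagram that hopefully explains it better.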

/mapping -> Project.listJson(HttpServletRequest, HttpServletResponse)
                  |
                  |
          ---------------------
          | listJson          |
          |         |---------|
          |         |         |
          |         |         | list1
          |         |         |
          | list1   |<--------|
          |                   |
          ---------------------

/mapping -> Project.listJson(HttpServletRequest, HttpServletResponse)
                  |
                  |
          ---------------------
          | listJson          |<--------------------------------|
          | svc.list1         |--------->advised(Service)       | run @PostFilter
          |                   |              |                  |
          ---------------------              | list1            |
                                             |                  |
          ---------------------              |                  |
          | Service           |              |                  |
          | list1             |<-------------|                  |
          |                   |                                 |
          |                   |---------------------------------|
          ---------------------
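
The self-invocation behaviour described in the answer above, reproduced as an added example that is not part of the original question or answer. It uses a plain JDK dynamic proxy as a stand-in for the Spring Security proxy; ProjectService, ProjectServiceImpl, advise and the "secret-" filter rule are hypothetical names and constructed sample data.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class SelfInvocationDemo {

    // Hypothetical stand-in for the class holding listJson and list1.
    interface ProjectService {
        List<String> list1();     // the method that should be post-filtered
        List<String> listJson();  // calls list1() on `this`
    }

    static class ProjectServiceImpl implements ProjectService {
        public List<String> list1() {
            // Constructed sample data: one item the caller may not read.
            return new ArrayList<>(Arrays.asList("public-a", "secret-b", "public-c"));
        }
        public List<String> listJson() {
            // Self-invocation: `this` is the raw target, not the proxy,
            // so the filtering advice below never sees this call.
            return this.list1();
        }
    }

    // Stand-in for the @PostFilter advice: filters only list1()'s return value.
    static ProjectService advise(ProjectService target) {
        InvocationHandler advice = (proxy, method, args) -> {
            Object result = method.invoke(target, args);
            if (method.getName().equals("list1")) {
                @SuppressWarnings("unchecked")
                List<String> items = (List<String>) result;
                items.removeIf(p -> p.startsWith("secret-")); // constructed "read" rule
            }
            return result;
        };
        return (ProjectService) Proxy.newProxyInstance(
                ProjectService.class.getClassLoader(),
                new Class<?>[] {ProjectService.class}, advice);
    }

    public static void main(String[] args) {
        ProjectService svc = advise(new ProjectServiceImpl());
        System.out.println("through proxy : " + svc.list1());    // advice runs
        System.out.println("self-invoked  : " + svc.listJson()); // advice skipped
    }
}
```

The unfiltered second result is the authorization gap to look for in review: any security annotation on a method that is only reached through `this` inside the same class is never enforced.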