Speak now
Please Wait Image Converting Into Text...
Embark on a journey of knowledge! Take the quiz and earn valuable credits.
Challenge yourself and boost your learning! Start the quiz now to earn credits.
Unlock your potential! Begin the quiz, answer questions, and accumulate credits along the way.
Course Queries Syllabus Queries 2 years ago
Posted on 16 Aug 2022, this text provides information on Syllabus Queries related to Course Queries. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.
Turn Your Knowledge into Earnings.
I'm trying to use preAuthorize to protect url. Only people registered in the course can access the course. Here is my code:
Controller:
@Controller @RequestMapping(value = "/course/{courseId}") @PreAuthorize("@userService.isCurrentUserinCourse(authentication, courseId)") public class SyllabusController { @RequestMapping(value = { "/syllabus" }, method = RequestMethod.GET) public ModelAndView syllabusPage(@PathVariable("courseId") int courseId) { ...}
UserServiceImpl:
@Service("userService") public class UserServiceImpl implements UserService { @Autowired private UserDAO userDAO; @Override public boolean isUserinCourse(int userId, int courseId) { return userDAO.isUserinCourse(userId, courseId); } @Override public boolean isCurrentUserinCourse(Authentication authentication, int courseId) { if (!(authentication instanceof AnonymousAuthenticationToken)) { return isUserinCourse(((UserModel) authentication.getPrincipal()).getId(), courseId); } return false; }
spring-security.xml:
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd"> <global-method-security pre-post-annotations="enabled" /> <http auto-config="true" use-expressions="true">
and we I go to /course/{id}/syllabus without out login, it shows the page where it should not. And debug is not go into isCurrentUserinCourse(Authentication authentication, int courseId) method in UserServiceImpl. where
@PreAuthorize("@userService.isCurrentUserinCourse(authentication, courseId)")
You can get the authentication by following static method
SecurityContextHolder.getContext().getAuthentication()
and the courseId you need to change to #coureseId, and you need move this to the method, not class,so you can change to
courseId
#coureseId
@PreAuthorize("@userService.isCurrentUserinCourse(#courseId)") @RequestMapping(value = { "/syllabus" }, method = RequestMethod.GET) public ModelAndView syllabusPage(@PathVariable("courseId") int courseId) { ...}
No matter what stage you're at in your education or career, TuteeHub will help you reach the next level that you're aiming for. Simply,Choose a subject/topic and get started in self-paced practice sessions to improve your knowledge and scores.
Course Queries 4 Answers
Course Queries 5 Answers
Course Queries 1 Answers
Course Queries 3 Answers
Ready to take your education and career to the next level? Register today and join our growing community of learners and professionals.