What could be the problem ? When I use this annotation in my controller, it works fine, the page is only accessible for a ROLE_USER
@Secured("ROLE_USER")
This annotation works also :
@PreAuthorize("hasRole('ROLE_USER')")
When I move the same annotation to my Service, it doesn't work, the method is accessible without having the ROLE_USER role !! I'm testing Spring Security, My Service is just a test (TestService interface and its implementation), whether I put the annotation in the interface or in the implementation level, as if the annotation doesn't exist.
This is my dispatcher-servlet.xml file :
<security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled"/>
<bean id="TestService" class="myPackage.TestServiceImpl"/>
Thanks for helping
Aucun commentaire:
Enregistrer un commentaire