I need to extend an application developed in Spring platform. I have a number of tasks in different categories and a number of users in different groups. Each task, depending on its category, must go through different stages from beginning to completion (a predefined flow). At each stage, operations such as editing, deleting, or other customized operations may be applied on each task, depending on the user's access level. Some operations may not be applicable on some tasks. For example, it is possible to delete a task from the first category by a user from the first group, while a user from the second group can delete the task only when the task satisfy certain conditions. Similarly, a task from the second category cannot be deleted by the user of the first group. In addition new roles (new user group) or operations on tasks may be added in future. I want to use Spring Security for implementing the described access control but I'm new at Spring Security and ACL. I don't have enough time to study Spring Security comprehensively. I will be grateful if anyone can give me a quick and suitable guide for this implementation.
Implementing customized Access Control using Spring Security and ACL
25 Views Asked by H.Morshedlou At
0
There are 0 best solutions below
Related Questions in SPRING
- HTTPS configuration in Spring Boot, server returning timeout
- Multi Tenancy in Spring - Partitioned Data Approach
- How to create beans of the same class for multiple template parameters in Spring
- org.telegram.telegrambots.meta.exceptions.TelegramApiException: Bot token and username can't be empty
- Springboot: How to get an entity optional property and check null?
- How do I propagate the current SecurityContext to my @RabbitListener in Spring Boot?
- Spring's XML based bean configuration for Object Mapper's Case Insensitive property
- Failed to configure a DataSource: 'url' attribute is not specified and no embedded datasource could be configured. I'm using Postgresql
- springboot class org.hibernate.mapping.Bag cannot be cast to class org.hibernate.mapping.SimpleValue
- Issue while deploying JDK 17 and Spring 6 application in Tomcat 10.1.20
- Spring JPA Data Auditing - How to design it?
- Springframework test: Async not started
- Error: Cannot invoke "jakarta.servlet.http.HttpSession.getAttribute(String)" because "session" is null
- How does spring-retry determine which methods to retry when @Retryable is placed at the class level?
- problem with edge server registration in Eureka
Related Questions in SPRING-SECURITY
- How do I propagate the current SecurityContext to my @RabbitListener in Spring Boot?
- Spring security causing 404 with message "No static resource login"
- Spring JPA Data Auditing - How to design it?
- Spring 3 - Security: How to rebuild authManager () usage?
- Error: Cannot invoke "jakarta.servlet.http.HttpSession.getAttribute(String)" because "session" is null
- how to use ldap authentication with permission taken from db without needing password in UserDetails
- This error occurred when using springsecurity for database user verification: IllegalArgumentException
- Issue with configuring SpringSecurity to allow URLs in FilterChain
- getting React Hook "useSetupInterceptors" cannot be called at the top level when try to use useSignOut hook
- Spring Authorization Server `JdbcOAuth2AuthorizationService` does not save custom User object
- Customize Authorization Code claims with Spring OAuth2 Authorization Server 3.2.4
- Spring Security Reactive OAuth2 Client: Options for Customizing Refresh Endpoint
- Repository injection in an handler spring boot class performance
- Spring Security mix form based and http basic authentication
- SecurityContextHolder.getContext().getAuthentication() is null
Related Questions in ACL
- How to send message to syslog agent in plsql
- Double permission entries in folder
- How to create a file with rw permissions(0600) on the current user only in Go for Windows?
- Get Apache to create files as the web site owner
- how to create ACL for microservice
- Consul ACL - Policies
- How can I pass ACL inside upload method of gcloud-aio-storage client library?
- Set acl in haproxy based on client ip using map_ip
- No such object (32) error is occuring:ldapsearch -x -LLL -H ldap://IP -D "cn=admin,dc=mynewdomain,dc=com" -W -b cn=config "(objectClass=*)"
- Set permission to users during databricks notebook runtime
- ClickHouse dry run query
- Prevent searching mail=* in OpenLDAP
- trino with ranger acces control does not work with ms sql server connector table functions
- Get-ACL with Invoke-Command
- In oracle, ORA-29273: HTTP request failed ORA-29024: Certificate validation failure
Related Questions in ACCESS-CONTROL
- Access-Control-Allow-Origin alwasy set to * in spring boot
- Unable to View Roles in Storage Account in Azure getting Blank
- How can i fix CORS policy problem in Nuxt?
- How do I enable access control on an already up and running MongoDb container?
- Is there a universal way to test the Access Control List of a folder and its children in PowerShell, independently of inheritance?
- CORS error when deploying MERN app: 'Access-Control-Allow-Origin' missing header for hosted server, and 404 Not Found on server deployment
- How can i restrict access to an Azure app service?
- Use my login system to control access to Digital Ocean Spaces objects
- Nestjs access control cannot read roles
- Creating a Limited Privilege PostgreSQL Role for Backend Server
- Conditional Binding for Objects in Google Cloud Storage Buckets
- Cloud Run/Build artifacts buckets are created with Fine Grained access policy by default
- Memory Access Control in Windows Memory Management
- Azure DevOps - Decode ACE permission bits
- Netlify Deployment Access-Control-Allow-Origin
Related Questions in ROLE-BASED-ACCESS-CONTROL
- OAuth access token attribute based reverse proxying of http ressources
- Is it possible to decide access level of Jenkins users where the login is through a group in Azure AD using SAML 2.0?
- GCP Monitoring Metrics Scope for RBAC
- Need help in integrating role-based access control with MSAL authentication in Spring Security
- Access Control for Google Cloud Logging
- Caller is not authorized to perform action on resource even though I have owner role on the Azure Key Vault and also subscription
- Access Control for Google Cloud Monitoring Dashboards
- Restrict credentials access using credentials domains in Jenkins
- Not able to give owner access from classic service administrator role
- How to Securely Differentiate Admin and User Roles with NextAuth and Next.js?
- Can I use policy based authorization to hide html elements from a user
- Method Not Getting Authorized in Spring Security despite Roles
- Open FGA Wildcard Relationship From Object to User
- Understanding Roles and Authorities in Spring Security
- Implementing customized Access Control using Spring Security and ACL
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?