Issue with Spring Security MethodSecurityEvaluationContext lookupVariable and addArgumentsAsVariables methods

StackOverflow https://stackoverflow.com/questions/22499730

  •  17-06-2023
  •  | 
  •  

Question

I have an issue with MethodSecurityEvaluationContext lookupVariable and addArgumentsAsVariables methods which is as follows:

The paramNames local variable itself is not null but always contains a null entry.

Does anyone know what could cause this?

screen capture

Here is the method annotated with @PreAuthorize (in a Roo-generated itd):

@PreAuthorize("isAuthenticated() AND hasPermission(#id, 'CurriculumService:findCurriculumIsAllowed')")
public Curriculum CurriculumServiceImpl.findCurriculum(Long id) {
    return curriculumRepository.findOne(id);
}
Was it helpful?

Solution

I was given the answer to the above question. One has to annotate the parameter with @P("id") as shown below: 

@PreAuthorize("isAuthenticated() AND hasPermission(#id, 'CurriculumService:findCurriculumIsAllowed')")
public Curriculum CurriculumServiceImpl.findCurriculum(@P("id") Long id) {
    return curriculumRepository.findOne(id);
}

See documentation here.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top