Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Invalid
    • Affects Version/s: 3.0.0 RC1
    • Fix Version/s: 3.0.0.RC2
    • Component/s: Namespace
    • Labels:
      None

      Description

      The configuration of <global-method-security> is commented in the spring security documentation and is always placed in a security-context configuration.

      But in a enviroment with different contextes which can be dynamically like a rest-context which is defined over a servlet-mapping the location must be in the rest-context instead of security-context.

      Document where to place the <global-method-security> in dynamically enviroments or support the config in the security-context.

        Activity

        Show
        Hauke Rabe added a comment - see also http://forum.springsource.org/showthread.php?t=79611
        Hide
        Luke Taylor added a comment -

        There's nothing special about where you place <global-method-security />. The normal rules for Spring application (parent and child) contexts apply, and there is no such thing as a "security-context" configuration. You can define your Spring Security beans in any part of the main application context - there is nothing special about them.

        I'm assuming this is basically the same issue as this FAQ:

        http://static.springsource.org/spring-security/site/faq.html#faq-method-security-in-web-context

        i.e. the web context is normally a child context and hence not visible to the main application context.

        Show
        Luke Taylor added a comment - There's nothing special about where you place <global-method-security />. The normal rules for Spring application (parent and child) contexts apply, and there is no such thing as a "security-context" configuration. You can define your Spring Security beans in any part of the main application context - there is nothing special about them. I'm assuming this is basically the same issue as this FAQ: http://static.springsource.org/spring-security/site/faq.html#faq-method-security-in-web-context i.e. the web context is normally a child context and hence not visible to the main application context.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Hauke Rabe
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: