Menu
I have a spring boot based project with following declaration in pom.xml:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
and following dependencies among others
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-rest</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
But seems like spring boot is not pulling in SecurityEvaluationContextExtension class on the classpath.
Am I missing a dependency or am I using an older version of spring boot?
EDIT:
I directly added the following dependency in my pom.xml and now I can see the class, but STS is showing warning : "Duplicating managed version 4.0.3.RELEASE for spring-security-data"
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-data</artifactId>
<version>4.0.3.RELEASE</version>
</dependency>
589
We can use SpEL (Spring Expression Language) with @CurrentSecurityContext to inject the Authentication object or the Principal. SpEL works together with type lookup. The type check is not enforced by default, but we can enable it via the errorOnInvalidType parameter of the @CurrentSecurityContext annotation.
Implementing with @CurrentSecurityContext We can use SpEL (Spring Expression Language) with @CurrentSecurityContext to inject the Authentication object or the Principal. SpEL works together with type lookup.
In the demo application produced in that article, no custom error handling is implemented. So, by making a request to a protected API including a wrong access token, the default Spring Boot error handling logic is applied. Let’s test it out.
Particularly, Spring Boot looks for a mapping for the / error endpoint during the start-up. This mapping depends on what is set on a ViewResolver class.
I am not shure what you mean with 'spring is not pulling in..' But to use this extension you have to create a bean of this type see SecurityEvaluationContextExtension
EDIT : The warning you are getting is no problem. You can try removing the version from the dependency, because it seems available through dependencyManagement.
71
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
