SEC-2074: Injection of MethodSecurityMetadataSource through XML

[Marrache Mickael](https://jira.spring.io/secure/ViewProfile.jspa?name=miko95) (Migrated from [SEC-2074](https://jira.spring.io/browse/SEC-2074?redirect=false)) said:

The doc provides an example which doesn't work:

<bean id="bankManagerSecurity" class="org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="accessDecisionManager" ref="accessDecisionManager"/>
  <property name="afterInvocationManager" ref="afterInvocationManager"/>
  <property name="securityMetadataSource">
    <value>
      com.mycompany.BankManager.delete*=ROLE_SUPERVISOR
      com.mycompany.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR
    </value>
  </property>
</bean>

I get the following exception:

Caused by: java.lang.IllegalStateException: Cannot convert value of type [java.lang.String] to required type [org.springframework.security.access.method.MethodSecurityMetadataSource] for property 'securityMetadataSource': no matching editors or conversion strategy found
    at org.springframework.beans.TypeConverterDelegate.convertIfNecessary(TypeConverterDelegate.java:241)
    at org.springframework.beans.BeanWrapperImpl.convertIfNecessary(BeanWrapperImpl.java:470)
    ... 27 more

See the link to StackOverflow.

Thanks,
Mickael


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

SEC-2074: Injection of MethodSecurityMetadataSource through XML #2298

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

SEC-2074: Injection of MethodSecurityMetadataSource through XML #2298

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions