user971169 user971169 - 3 months ago 48
reST (reStructuredText) Question

spring boot ldap group and restricted endpoints

I want to restrict certain rest endpoints to be only for LDAP users in a certain group.

I followed the guide https://spring.io/guides/gs/authenticating-ldap/ to setup LDAP authentication which is working perfectly. So how do I restrict certain rest endpoints?

I tried

@PreAuthorize("hasRole('developers')")
@RequestMapping("/foo")
public String foo(HttpServletRequest request) {
return "Welcome to FOO " + request.getRemoteUser();
}


but it still lets users not in the developers group access that endpoint

Answer

@EnableGlobalMethodSecurity(securedEnabled=true) needed to be added to the webSecurityConfig. Once I did that I was able to use @Secured("ROLE_DEVELOPERS") and that method was then restricted to that role.