I had a lot of problems adding secure annotations to my controllers.
it turns out that my controller implements InitializingBean - this is a bad idea.
public class MyController implements InitializingBean {
@Secured(value="ROLE_ADMIN")
@RequestMapping(method = RequestMethod.GET, value = "/{id}/edit")
public String getView(Model model, @PathVariable("id") long id) {
return "some view";
}
}
this failed:
WARN PageNotFound: 962 - No matching found for HTTP request with URI [...]
removing @Secured Annotation will work, but obviously I didn’t want to. after a lot of wasted time on the network, I noticed that the last difference between a working and a non-working controller was that it implemented the InitializingBean interface. And now it works like a charm:
public class MyController{
@Secured(value="ROLE_ADMIN")
@RequestMapping(method = RequestMethod.GET, value = "/{id}/edit")
public String getView(Model model, @PathVariable("id") long id) {
return "some view";
}
}
Can someone help me understand this behavior?
source
share