Skip to Content
Full Stack Development with JHipster
book

Full Stack Development with JHipster

by Deepu K Sasidharan, Sendil Kumar N
March 2018
Intermediate to advanced content levelIntermediate to advanced
380 pages
9h 23m
English
Packt Publishing
Content preview from Full Stack Development with JHipster

Authorization with Spring Security

As you may have noticed, when it comes to generated code, JHipster doesn't provide much in terms of role-based security, authorization management, and so on. This is intentional, as these heavily depend on the use case and most often associated with the business logic of the application. So, it would be better if this was hand-coded by the developers as part of the business code.

Normal users have ROLE_USER and admin users have ROLE_ADMIN assigned in user management. For our use case there are few security holes that we need to take care of: 

  • Normal users should only have access to view the product listing, product order, order item, invoice, and shipment 
  • Normal users should not have access to create/edit/delete ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Full Stack Development with JHipster - Second Edition

Full Stack Development with JHipster - Second Edition

Deepu K Sasidharan, Sendil Kumar Nellaiyapen
Eclipse AspectJ: Aspect-Oriented Programming with AspectJ and the Eclipse AspectJ Development Tools
Jasmine Cookbook

Jasmine Cookbook

Munish Kumar
Build Your Own IoT Platform: Develop a Flexible and Scalable Internet of Things Platform

Publisher Resources

ISBN: 9781788476317Supplemental Content