Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am new to Spring Security. Can Spring Security validate the relationship between users?
for example:
I have two users type. one is teacher, another one is student.
I wanna validate whether this student have relationship with the special teacher.
Then the student can do some operation with this special teacher.
Can spring security achieve this goal?
Please provide me some reference, keyword, or link then i can do more study
Thx
Security issues can be categorised as authentication or authorization issues. Your issue is an authorization issue. But it is not a static authorization problem, since it is not caused due to the configuration of rights and roles of the user, but it is a dynamic one since it has to do with the student being related to a teacher in order to be authorised to execute some specific action. What you need is to inject the spring security which business checks that provide a positive flag each time this relation is satisfied.
If I undestood you problem well perhaps you might need to read and understand about
AccessDecisionManagerclass from Spring Security.