I’d like to have behavior similar to Stack Overflow, where you can see most of the site anonymously and a user role/authentication is only required for certain actions. Basically anonymous read with restricted writes.
What I was hoping I could do is specify anonymous access in my security-config.xml and annotate the various methods that require a proper user role.
Config:
    <global-method-security secured-annotations="enabled" />
    <http auto-config='true'>
        <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <http-basic />
    </http>
Method declaration:
    @Secured("ROLE_USER")
    @RequestMapping(value = "/{estabID}", method = RequestMethod.GET)
    public ModelAndView getEstablishmentPage(@PathVariable String estabID) { .... }
However, I am not prompted for the basic auth credentials with this configuration. If I change the access attribute in the config to ROLE_USER, everything works as expected: I’m presented with an auth challenge.
What would be the best way to accomplish anonymous access by default with authenticated users for certain actions?
As Luke Taylor mentioned in his comment, the problem was fixed by following this FAQ.