Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring security : User class without UserRole (roles). Authentication only no authorization needed

Tags:

java

spring-boot

spring-security

I'm using Spring-security with Spring-boot. My Application is a POC, for the moment there is no need to have Role.

I was wondering if it is possible to have a Custom UserDetailsService which return UserDetails in loadUserByUsername method but without the GrantedAuthority nor UserRole class.

I have googled all the day long for an example but I always get them with the UserRole.

Thanks in advance

like image 663
Master Mind Avatar asked Oct 28 '25 20:10

Master Mind

1 Answers

This should work:

  1. Let UserDetails return an empty collection in getAuthorities():

    public class User implements UserDetails {
    ...
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {        
        return new HashSet<GrantedAuthority>();
    }
}

  2. Use just authenticated() while configuring security

    http.authorizeRequests()
    ...
    .antMatchers("/foo").authenticated()
    ...
like image 176
Sanjay Avatar answered Oct 30 '25 12:10

Sanjay
Sign in to Comment

Related questions

Maven add generated folder(using maven plugin) as source folder , IntelliJ not recognizing
Remove gestures from Android Q
How to configure MediaRecorder to record audio in WAV format at 48KHz in Android Studio?
Spring Mongodb Timestamp Timezone Misleading
Press Home button in Appium Java client
How can I get the imagelevel of an ImageView?
How to create a collection of file collections in gradle?
JCR vs JPA for a DMS: performance, benefits, drawbacks
Filtering / sorting properties into a map in Java 8
Setting "Wrap Content" to a view programmatically

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!