java - Bypass Spring Security @preauthorize -
i'm calling following method web layer throw logged in user has attached permission:
@preauthorize("hasrole('list_users_permission')") public list<userdto> getallusers() { ........ } but want call through scheduler job, means haven't logged in user.
is there way bypass annotation @preauthorize("hasrole('list_users_permission')") or create virtual user needed permissions ?
first, make getallusers() delegate non-secured method:
@preauthorize("hasrole('list_users_permission')") public list<userdto> getallusers() { return dogetallusers(); } public list<userdto> dogetallusers() { ... } then make scheduled code invoke dogetallusers().
Comments
Post a Comment