In my previous employment I was experiencing a well known problem of being unable to prevent the user from being able to navigate the site using the back button after logging out. My technologies include Spring, JavaScript and potentially the Mobile...
How to NOT share session between multiple browser tabs ?  I am using Spring Security in JSP/Servlet application and I want to know "How can we achieve the behavior with Spring Security where user is forced to login again whenever he changes the b...
This is possible with Thymeleaf 3.0:  /*[# th:if="${user.admin}"]*/     alert('Welcome admin'); /*[/]*/   However this does not work:  /*[# sec:authorize="hasAnyRole('ROLE_ADMIN)"]*/     alert('Welcome admin'); /*[...
I have web application which and i am trying to make keycloak  authorizations on JavaScript side I am going on keycloak login page and  authenticating successfully. Here is my code   var keycloak = Keycloak({             realm: 'demo',...
I have to hide some columns of my datatable if the user isn't ADMIN. In HTML I have this code  <table id="fleetsTable"     class="table table-bordered table-striped">     <thead>         <tr>             <th&g...
I have an XHTML page which is called after a successful credit card payment. But when the user hits the back button, he's charged again. How can I handle the issue, by either disabling the back button or invalidating his session when he hits back...
I have a trouble with CORS configuration. I've followed few tutorials, videos on YT and I was looking for help here, on StackOverflow - but nothing helps me. I have two backend projects (first one - Spring Boot 1.5.9 with OAuth2 and JWT, second o...
Is it makes sense to do a redirection to an external site (OAuth sever) with custom headers in order to authenticate the user?  For example, after providing your credentials to http//this_is_my_site/login you click login, and redirects you to the ext...
I have a front end written in AngularJS, and a Spring MVC backend. The idea I had was to only secure the REST API services and use an interceptor in AngularJS to redirect the user to the login page when an unauthorized service call is made. The probl...
I am trying to set up keycloak based ABAC, Attribute-based access control for my APIs. I was able to set it up creating a javascript based policy which looks for specific user attribute and then grant access, something like   var context = $evaluatio...

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.