Stack Overflow
Stack Overflow

Questions tagged [security-context]

104 questions
24
votes
1 answer

Declaring Spring Bean in Parent Context vs Child Context

I have a spring bean (dao) object which I instantiate in my ServletContext via the following xml: This bean is declared…
dev
  • 2,949
  • 5
  • 37
  • 48
16
votes
1 answer

How to customize the behaviour of SecurityContextPersistenceFilter?

I developing a stateless REST API that makes use of token based authentication, where I'm manually adding an Authentication object to the security context by calling SecurityContextHolder.getContext().setAuthentication(authentication) from within a…
Ric
  • 808
  • 1
  • 6
  • 18
15
votes
2 answers

Kubernetes, security context, fsGroup field and default user's group ID running the container

I'm new to Kubernetes and I'm trying to understand some security stuff. My question is about the Group ID (= gid) of the user running the container. I create a Pod using this official example:…
Sylmarch
  • 393
  • 2
  • 3
  • 7
10
votes
1 answer

Is a SecurityContext shared between requests when using Spring Security?

I'm seeing some strange behaviour when using stateless token-based authentication on a rest API written using Spring Boot. The client includes a JWT token with each request, and a custom filter I've written that extends GenericFilterBean adds an…
Ric
  • 808
  • 1
  • 6
  • 18
8
votes
2 answers

SecurityContext with default System authentication/user

In my spring application, I would like that a SecurityContext always holds an Authentication. If it's not a regular UsernamePasswordAuthenticationToken, it will be a PreAuthenticatedAuthenticationToken describing the "system user." This has reasons…
Herr Derb
  • 4,977
  • 5
  • 34
  • 62
7
votes
0 answers

Running Nginx in pod without privilege escalation

I'm trying to get Nginx to run with minimal privileges while being able to act as a proxy on port 80. In other words, this is the securityContext I'm working with: securityContext: allowPrivilegeEscalation: false …
Jurgy
  • 2,128
  • 1
  • 20
  • 33
7
votes
1 answer

Kubernetes 137 exit code when using SecurityContext readOnlyRootFilesystem

I am trying to host a web app in a container with read only file system. Whenever I try to configure the root file system as read only through the SecurityContext of the container I get the following error: Ports: 80/TCP, 443/TCP …
Georgi Yankov
  • 411
  • 2
  • 9
7
votes
2 answers

why I am getting Read only file system error from Nginx?

Dear K8S community Team, I am getting this error message from nginx when I deploy my application pod. My application an angular6 app is hosted inside an nginx server, which is deployed as a docker container inside EKS. I have my application…
user6734184
  • 111
  • 2
  • 2
  • 4
7
votes
4 answers

Run new process as different user in vb.net

I'm currently using a homegrown method to run a process as a different user in Vista, and I can't escape the feeling that's it hack-ish and less than ideal (in addition to the fact that it craps out UAC, crashing my app with a security exception,…
SqlRyan
  • 33,116
  • 33
  • 114
  • 199
7
votes
1 answer

How to mock security context in tests if I disabled authorizarion

I have tests like this: @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ActiveProfiles("test") public class MyTests { …
gstackoverflow
  • 36,709
  • 117
  • 359
  • 710
6
votes
2 answers

How do I restrict access to a URL using Spring security and a property from the spring security object?

I'm using Spring 5.1 and Spring security 4.2. I'm configured access rules using an XML file. My question is, how do I write an intercept rule (access control to a URL) based on a property in the Spring security context? That is, I have a…
Dave
  • 15,639
  • 133
  • 442
  • 830
5
votes
1 answer

Kubernetes: run container as a root

I do understand drawbacks of doing this, however I have image that will work only with root user running cmd within it. Server kubernetes version is: v1.19.14. Inside my deployment.yaml I have: spec: containers: - name: myapp …
Rudziankoŭ
  • 10,681
  • 20
  • 92
  • 192
4
votes
3 answers

Determining the current security checks being made (SQL Server)

One thing that I've always hated more than just about anything in MS SQL Server is the way that security works. The security context constantly switches if you look at the server funny and it's often very hard (for me anyway) to predict or debug. In…
Tom H
  • 46,766
  • 14
  • 87
  • 128
4
votes
2 answers

Symfony2 : Why getToken return null when injecting SecurityContext in a TwigExtension?

I did exactly the answer from this post but the token property is null and the user is correctly logged in and the route is behind a firewall. Also, I am injecting the SecurityContext in other services and it works fine. services.xml :
Frank6
  • 1,193
  • 1
  • 11
  • 23
4
votes
1 answer

Spring Security: Authentication method not supported: GET

I don't know where I am missing something, would really appreciate your help on that one! I get the "Authentication method not supported: GET" message after my login try. Here is my security-Context.xml:
James Carter
  • 849
  • 3
  • 13
  • 29
1
2 3 4 5 6 7