Attribute-Based Access Control with Spring Security
For more details, check The DZone article
All REST requests with sample data are in AbacSpringSecurity.postman_collection.json, you can import it into Postman chrome extension.
mvn clean install
- Copy sample-issue-tracker/target/sample-issue-tracker.war to your tomcat webapps folder
- Start tomcat
- Add new project using POST /sample-issue-tracker/projects/
- Assign PM to the project using PUT /sample-issue-tracker/projects/{project_id}/pm/
- Add users to the project using POST /sample-issue-tracker/projects/{project_id}/users/
- Add issues to the project using POST /sample-issue-tracker/projects/{project_id}/issues/
- Assign issues to users using PUT /sample-issue-tracker/projects/{project_id}/issues/{issue_id}/assignee
- Update issue's status PUT /sample-issue-tracker/projects/{project_id}/issues/{issue_id}/status
The sample application uses HTTP Basic Authentication and blow are the users that can be used:
- admin/password
- pm1/password
- pm2/password
- dev1/password
- dev2/password
- test1/password
- test2/password
All users can be found and modified in edu.mostafa.abac.config.InMemoryUserDetailsService class.