Open Prabha2810 opened 5 years ago
If you’re talking about inside your client application, using the MITREid Connect client library, then that’s a problem with your Spring Security configuration inside your app and is outside the scope of this project. If you’re talking about the MITREid Connect server, then there are several pages that the user can see when not logged in. This is by design and they do not leak sensitive information.
— Justin
On Sep 24, 2018, at 1:48 AM, Prabha2810 notifications@github.com wrote:
Hi ,
I want the user must not be able to access any view page without a login. However its been happening .I have tried lots of code like hasRole concept but its not at all effective ... :(
What I am missing I dont know .. Do i need to see at server side ??? is there any way to handle it ? Please help ....
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/1427, or mute the thread https://github.com/notifications/unsubscribe-auth/AAHej3Ze4WJ6qAmqiZSJ4MwJBk70KWIrks5ueHI7gaJpZM4W2F8L.
Hi ,
I want the user must not be able to access any view page without a login. However its been happening .I have tried lots of code like hasRole concept but its not at all effective ... :(
What I am missing I dont know .. Do i need to see at server side ??? is there any way to handle it ? Please help ....