October 2018
Intermediate to advanced
590 pages
15h 5m
English
As mentioned earlier, Spring Security performs method-level security through AOP, and there are two ways to secure methods. One is to use the @Secured annotation or the JSR-250 @RoleAllowed annotation to specify the authority/role required to invoke that method. The other way is to use Spring's expression language through the @PreAuthorize and @PostAuthorize annotations.
The following is the way to enable method security with the use of the @Secured annotation:
@EnableGlobalMethodSecurity(securedEnabled = true)public class MethodSecurityConfig { // ...}
The following is the way to enable method security with the use of the @RoleAllowed annotation:
@EnableGlobalMethodSecurity(jsr250Enabled = true)public class MethodSecurityConfig ...
Read now
Unlock full access