Although we hinted previously that configuring ACL support in Spring Security requires bean-based configuration (which it does), you can use ACL support while retaining the simpler
security XML namespace configuration if you choose. If you're following along with the sample code, you'll need to switch
web.xml to the
security namespace configuration, using
Our simple target scenario is to disallow read access to the first category on the JBCP Pets home page to any individual other than a user with
GrantedAuthority assigned. The first category is called Pet Apparel—this is the category we'll be protecting with ...