16 Global method security: Pre- and postauthorizations

This chapter covers

Global method security in Spring applications
Preauthorization of methods based on authorities, roles, and permissions
Postauthorization of methods based on authorities, roles, and permissions

Up to now, we discussed various ways of configuring authentication. We started with the most straightforward approach, HTTP Basic, in chapter 2, and then I showed you how to set form login in chapter 5. We covered OAuth 2 in chapters 12 through 15. But in terms of authorization, we only discussed configuration at the endpoint level. Suppose your app is not a web application--can’t you use Spring Security for authentication and authorization as well? Spring Security is a ...

Get Spring Security in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security in Action by Laurentiu Spilca

16 Global method security: Pre- and postauthorizations

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly