17 Global method security: Pre- and postfiltering

This chapter covers

Using prefiltering to restrict what a method receives as parameter values
Using postfiltering to restrict what a method returns
Integrating filtering with Spring Data

In chapter 16, you learned how to apply authorization rules using global method security. We worked on examples using the @PreAuthorize and @PostAuthorize annotations. By using these annotations, you apply an approach in which the application either allows the method call or it completely rejects the call. Suppose you don’t want to forbid the call to a method, but you want to make sure that the parameters sent to it follow some rules. Or, in another scenario, you want to make sure that after someone ...

Get Spring Security in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security in Action by Laurentiu Spilca

17 Global method security: Pre- and postfiltering

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly