11 Implementing authorization at the method level

This chapter covers

Method security in Spring applications
Preauthorization of methods based on authorities, roles, and permissions
Postauthorization of methods based on authorities, roles, and permissions

Up to now, we’ve discussed various ways of configuring authentication. We started with the most straightforward approach, HTTP Basic, in chapter 2, and then I showed you how to set form login in chapter 6. However, in terms of authorization, we only discussed configuration at the endpoint level. Suppose your app is not a web application—can’t you use Spring Security for authentication and authorization as well? Spring Security is a good fit for scenarios where your app isn’t used via HTTP ...

Get Spring Security in Action, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security in Action, Second Edition by Laurentiu Spilca

11 Implementing authorization at the method level

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly