11 Fine-Grained Access Control

In this chapter, we will first examine two ways to implement fine-grained authorization—authorization that may affect portions of a page of the application. Next, we will look at Spring Security’s approach to securing the business tier through method annotation and the use of interface-based proxies to accomplish Aspect-Oriented Programming (AOP). Then, we will review an interesting capability of annotation-based security that allows for role-based filtering on collections of data. Lastly, we will look at how class-based proxies differ from interface-based proxies.

During this chapter, we’ll cover the following topics:

Configuring and experimenting with different methods of performing in-page authorization checks ...

Get Spring Security - Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security - Fourth Edition by Badr Nasslahsen

11

Fine-Grained Access Control

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly