You saw LDAP authentication with Spring Security in the previous section. Next, we will look at how to perform authorization. Let's recall that authorization is a verification process of whether an entity should have access to something. In short, authorization concerns the rules that will identify who is allowed to do what. After successful authentication, a user can perform various actions, based on the authority they have.
Let's recall that authentication deals with login credentials to verify valid users. Authorization is more of a check of whether a user has the authority to perform various actions, like adding, updating, viewing, or deleting a resource. An authorization happens after the user has been successfully authenticated. In this section, we will look at how to authorize an LDAP user.
So far, you have seen that the user's details are maintained at the LDAP server, which is used by Spring Security to perform authentication. Similarly, we...