Chapter 5
Authorization with Spring Expressions
Section 3
Authorization With Expressions - on Methods
Discuss the method-level security that supports expressions. We'll start with the less flexible @Secured annotation and then move over to the @PreAuthorize annotation. Secure the API of the application itself, independent of page security. - Introduce the method authorization; show how to enable it and discuss where the method security belongs - First show the @Secured annotation, then the more flexible @PreAuthorize annotation with security expressions - Show how to use the @PreAuthorize annotation in practice with a hasRole to secure the user's page in the sample application