Use AuthoritiesAuthorizationManager in Jsr250AuthorizationManager #12782
Labels
in: core
An issue in spring-security-core
status: ideal-for-contribution
An issue that we actively are looking for someone to help us with
type: enhancement
A general enhancement
This would provide the same externalization benefit for
@RolesAllowed
as@Secured
. It would also simplify configuring aRoleHierarchy
for@RolesAllowed
.@PermitAll
and@DenyAll
will require different treatment since they do not imply any individual authorities and would thus not invokeAuthoritiesAuthorizationManager
.The text was updated successfully, but these errors were encountered: