Method Security with @Secured Annotations based on User Role
- Download or Clone this Project and do maven import.
git clone https://github.com/Sudarshan-Gowda/SpringMvc-SecuredAnnotation.git
-
Use the below command to run the application locally. Before that make sure you have maven plugin installed in your machine.
mvn tomcat7:run-war -
Once the application launched up successfully, Use the below credentails to login into system. Currenlty two users are maintained in the system and each one having different role.
- Username - user, password - password, role - ROLE_USER
- Username - admin, password - password, role - ROLE_ADMIN
-
Here the method is secured with @Secured annotation based on the roles of the user, So each user will be having different access rights to the specific url or the screen.
-
Find the below code snippet for the configuration and usage of @Secured annotation in method level,
@Secured("ROLE_USER") int placeOrder(TechnologyDetails order); @Secured("ROLE_ADMIN") List<TechnologyDetails> getOrderList(); -
You can also configure the multiple role access to same function as below,
@Secured({"ROLE_USER","ROLE_ADMIN"})