Spring Security Oauth2.0认证授权

22.Spring Security应用详解-授权-方法授权

2020-03-28  本文已影响0人  LANSHENGYANG

方法授权

@EnableGlobalMethodSecurity(securedEnabled = true)
public class MethodSecurityConfig {//...}
public interface BankService {
    @Secured("IS_AUTHENTICATED_ANONYMOUSLY")
    public Account readAccount(Long id);
    
    @Secured("IS_AUTHENTICATED_ANONYMOUSLY")
    public Account[] findAccounts();
    
    @Secured("ROLE_TELLER")
    public Account post (Account account, double amount);
}
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig {
//...
}
public interface BankService {
    @PreAuthorize("isAnonymous()")
    public Account readAccount(Long id);
    @PreAuthorize("isAnonymous()")
    public Account[] findAccounts();
    @PreAuthorize("hasAuthority('p_transfer') and hasAuthority('p_read_account')")
    public Account post (Account account, double amount);
}
上一篇下一篇

猜你喜欢

热点阅读