A JSR-250 annotations
1, added in pom.xml
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>jsr250-api</artifactId>
<version>1.0</version>
</dependency>
2. Open comments in spring-mvc.xml
<security:global-method-security jsr250-annotations="enabled"></security:global-method-security>
3, in the method of access control using annotations above
@RolesAllowed("ADMIN")
This can also write @RolesAllowed ( "ROLE_ADMIN"), the above is omitted ROLE_ prefix
Two @ Secured Notes
1. Open comments in spring-mvc.xml
<security:global-method-security secured-annotations="enabled"></security:global-method-security>
2, in the method of access control using annotations above
@Secured("ROLE_ADMIN")
It can not be omitted herein prefix ROLE_
Three based on an expression operation
1. Open comments in spring-mvc.xml
<security:global-method-security pre-post-annotations="enabled"></security:global-method-security>
2, in the method of access control using annotations above
@PreAuthorize("authentication.principal.username == 'peny'")
@PreAuthorize("hasRole('ROLE_ADMIN')")
Here ROLE_ prefix may be omitted; @PreAuthorize ( "hasRole ( 'ADMIN')")