Can Spring Security use @PreAuthorize on Spring controllers methods?

java spring-mvc controller spring-security
egervari picture egervari · Jun 21, 2010 · Viewed 47.6k times · Source

Can Spring Security use @PreAuthorize on Spring controllers methods?

Answer

axtavt picture axtavt · Jun 21, 2010

Yes, it works fine.

You need <security:global-method-security pre-post-annotations="enabled" /> in ...-servlet.xml. It also requires CGLIB proxies, so either your controllers shouldn't have interfaces, or you should use proxy-target-class = true.

Related questions

Spring MVC Controller redirect using URL parameters instead of in response

I am trying to implement RESTful urls in my Spring MVC application. All is well except for handling form submissions. I need to redirect either back to the original form or to a "success" page. @Controller @RequestMapping("/form") public class …

Read More
In Spring MVC, how can I set the mime type header when using @ResponseBody

I have a Spring MVC Controller that returns a JSON String and I would like to set the mimetype to application/json. How can I do that? @RequestMapping(method=RequestMethod.GET, value="foo/bar") @ResponseBody public String fooBar(){ return myService.…

Read More
Spring-MVC Problem using @Controller on controller implementing an interface

I'm using spring 2.5 and annotations to configure my spring-mvc web context. Unfortunately, I am unable to get the following to work. I'm not sure if this is a bug (seems like it) or if there is a basic misunderstanding on …

Read More