• Spring security use security expression annotations to protect methods and classes
  • Include the global-method-security namespace to implement @Pre/@Post annotations

XML Configuration for @Pre/@Post Annotations

@PreAuthorize

  • @PreAuthorize ensures that the method is invoked only when the specified expression is true

Only Guest User can Create guestlist

JACA Configuration for @Pre/@Post Annotations

@PostAuthorize

  • @PostAuthorize ensures that the method returns value only when the specified expression is true

Only Admin can read the Message

Implementing Filter using @PreFilter and @PostFilter
– Filter collections and arrays based on the specified expression