[英]What is difference between @PreAuthorize and @security annotation in Spring?
What is difference between @PreAuthorize
and @Security
annotations in Spring? Spring中的
@PreAuthorize
和@Security
批注有什么区别?
And what does it mean passing a parameter like @PreAuthorize("hasRole('USER_ROLE')")
? 传递诸如
@PreAuthorize("hasRole('USER_ROLE')")
类的参数是什么意思?
Do you mean @Secured
instead of @Security
, because I haven't heard of the latter. 您是说
@Secured
而不是@Security
,因为我还没有听说@Secured
。
@PreAuthorize
simply specifies which role(s) a, currently logged in, user must have to execute a method. @PreAuthorize
仅指定用户当前必须登录哪个角色才能执行方法。
@Secured
does pretty much the same afair, but it's hardly ever used, because @PreAuthorize
enables specifications that include AND
. @Secured
的用法差不多,但是几乎没有用过,因为@PreAuthorize
启用了包含AND
规范。
For example, @PreAuthorize("hasRole('DB_ADMIN') AND hasRole('ADMIN')")
is not possible with @Secured
. 例如,
@PreAuthorize("hasRole('DB_ADMIN') AND hasRole('ADMIN')")
是不可能的@Secured
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.