You are tasked with implementing fine-grained security constraints on service methods in a Spring application. How would you leverage method security expressions to fulfill complex security requirements?

  • Define custom security annotations
  • Use method-level security annotations with SpEL expressions
  • Rely solely on URL-based security configurations
  • Implement a single global security rule
In Spring, method security expressions allow you to specify security constraints using SpEL (Spring Expression Language) within annotations like @PreAuthorize or @PostAuthorize. This enables fine-grained control over method-level security. Custom security annotations (Option 1) might be used in combination with method security expressions, but they are not a replacement. URL-based security (Option 3) and a single global security rule (Option 4) are not the preferred way to achieve fine-grained security.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *