If you need to extend the functionality of method security expressions in a Spring application to support custom permissions, how would you go about integrating a custom permission evaluator?

  • Create a custom security interceptor
  • Implement a custom PermissionEvaluator
  • Modify the Spring Security core library
  • Use predefined permission expressions
To support custom permissions in Spring Security, you should implement a custom PermissionEvaluator (Option 2). This interface allows you to define custom logic for evaluating permissions. Creating a custom security interceptor (Option 1) or modifying the Spring Security core library (Option 3) is not recommended and can be complex and error-prone. Predefined permission expressions (Option 4) may not cover all custom requirements.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *