How does the @PreAuthorize annotation in Spring Security differ from the @Secured annotation in terms of the conditions that can be applied?
- @PreAuthorize allows for complex SpEL (Spring Expression Language) expressions for fine-grained control
- @PreAuthorize is deprecated, and @Secured should be used
- @PreAuthorize only works with roles while @Secured allows for custom conditions
- @Secured is more powerful than @PreAuthorize
The @PreAuthorize annotation in Spring Security allows for complex SpEL expressions to define fine-grained access control conditions. This means you can use expressions involving multiple variables and logic, making it more versatile than @Secured, which primarily works with roles.
Loading...
Related Quiz
- Imagine you have a Spring Boot application with complex security configurations. How would you perform integration tests to ensure that all security constraints and access controls are working as expected?
- You are tasked with setting up a Spring Boot project that should support both relational and NoSQL databases. How would you configure the project to handle multiple database types?
- The Spring Boot _____ properties file allows users to configure the application's settings.
- To ensure the security of passwords, Spring Security recommends using a _____ password encoder.
- Reactive Streams in Spring Boot offer _____ to handle the flow of data between the producer and consumer.