In Spring Security, how would you handle the situation where a user needs multiple roles for accessing different resources?
- Assign a composite role that includes all the required roles to the user.
- Define a separate authentication filter for each resource and specify the required roles in the filter configuration.
- Use a custom AccessDecisionVoter to evaluate the user's roles and grant access accordingly.
- Create multiple user accounts, each with a different role, for accessing different resources.
In Spring Security, when a user needs multiple roles for accessing different resources, you can assign a composite role to the user. This composite role should include all the required roles for accessing those resources. Option 2 is not a recommended approach as it would lead to code duplication. Option 3 is a more complex solution and might not be necessary for this scenario. Option 4 is not an efficient way to handle role-based access control.
Loading...
Related Quiz
- Which annotation is used to define a bean in the Spring context?
- Your Spring Boot application requires custom handling of specific exceptions, with different response bodies for each exception type. How would you implement this while ensuring that unhandled exceptions are also adequately addressed?
- What is the primary role of the UserDetailsService in Spring Security?
- What is the primary purpose of the @SpringBootTest annotation in Spring Boot testing?
- To configure the cache storage type, like in-memory or external, in Spring Boot, the _____ property is used.