
This sample application uses Spring Security's hierarchical roles feature to secure the application at both the HTTP level and the method level.


twiechert/spring-security-hierarchical-roles


Spring Security - Hierarchical Roles Sample App

This sample application uses hierarchical roles to validate a user's permission to access a given resource, at both the method level and the HTTP level.

Extending the role hierarchy

The role hierarchy is defined in the enum Role, where you can add roles and the roles each of them includes. An entry could look like:

ROLE_TEST_ENGINEER("TEST_ENGINEER", ROLE_TESTER, ROLE_DEVELOPER);

Securing the application

You can secure your application at the HTTP level by defining matching rules in the WebSecurityConfig, or at the method level using the @PreAuthorize annotation. In this sample app, method-level security is used to make sure that only admin users can view all other user objects:

@PreAuthorize("hasRole('ADMIN')") 
Iterable<User> findAll();
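
The following added example is not code from this repository. It sketches how an enum shaped like the README's entry can be expanded into the effective role set that a check such as hasRole('ADMIN') is evaluated against. Only the ROLE_TEST_ENGINEER entry comes from the README; the other roles, the field names and the reachable()/hierarchyString() helpers are assumptions.

```java
import java.util.*;

public class RoleHierarchyDemo {

    // Hypothetical stand-in for the sample's Role enum; only the
    // ROLE_TEST_ENGINEER entry is taken from the README.
    enum Role {
        // Included roles must be declared first: Java rejects forward references here,
        // which also rules out cycles in the hierarchy.
        ROLE_USER("USER"),
        ROLE_TESTER("TESTER", ROLE_USER),
        ROLE_DEVELOPER("DEVELOPER", ROLE_USER),
        ROLE_TEST_ENGINEER("TEST_ENGINEER", ROLE_TESTER, ROLE_DEVELOPER),
        ROLE_ADMIN("ADMIN", ROLE_TEST_ENGINEER);

        final String shortName;
        final List<Role> includes;

        Role(String shortName, Role... includes) {
            this.shortName = shortName;
            this.includes = List.of(includes);
        }

        // Transitive closure: every role a holder of this role effectively has.
        Set<Role> reachable() {
            Set<Role> seen = EnumSet.of(this);
            Deque<Role> todo = new ArrayDeque<>(includes);
            while (!todo.isEmpty()) {
                Role r = todo.pop();
                if (seen.add(r)) todo.addAll(r.includes);
            }
            return seen;
        }

        // One "HIGHER > LOWER" line per direct edge, the text format that
        // Spring Security's RoleHierarchyImpl parses.
        static String hierarchyString() {
            StringBuilder sb = new StringBuilder();
            for (Role r : values())
                for (Role inc : r.includes)
                    sb.append(r.name()).append(" > ").append(inc.name()).append('\n');
            return sb.toString();
        }
    }

    public static void main(String[] args) {
        System.out.print(Role.hierarchyString());
        // hasRole('ADMIN') tests for the authority ROLE_ADMIN (default "ROLE_" prefix).
        for (Role r : Role.values())
            System.out.println(r + " passes hasRole('ADMIN'): " + r.reachable().contains(Role.ROLE_ADMIN));
    }
}
```

Inclusion only flows downward: ROLE_ADMIN reaches every lower role, while ROLE_TEST_ENGINEER gains ROLE_TESTER, ROLE_DEVELOPER and ROLE_USER but never ROLE_ADMIN, so it is rejected by the findAll() check above.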
