In this tutorial I will show you the most useful annotation is
@PreAuthorize which decides whether a method can actually be invoked or not based on user’s role and permission.
hasRole() method returns true if the current principal has the specified role and
hasPermission() method returns true if the current user’s rola has the specific permission such as READ, WRITE, UPDATE or DELETE. By default if the supplied role does not start with ROLE_ will be added. This can be customized by modifying the
You can check my previous tutorial on hasRole @PreAuthorize annotation – hasRole example in Spring Security