Consider using the annotation based approach (@PreAuthorize
, @PostFilter
annotations) combined
with a AclPermissionEvaluator
in preference to the older and more verbose
attribute/voter/after-invocation approach from versions before Spring Security 3.0.
AclEntryVoter |
Given a domain object instance passed as a method argument, ensures the principal has appropriate permission
as indicated by the |
AclPermissionCacheOptimizer | Batch loads ACLs for collections of objects to allow optimised filtering. |
AclPermissionEvaluator | Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular object using the ACL module. |