vincent lee (Migrated from SEC-1277) said:
I think it is more reasonable to protect a resource like this：
Because the relationship between resources and roles may change in the future,
even more,the role name may change.
Luke Taylor said:
Totally wrong, eh?
First off, if you want to treat the attributes used in the security metadata as logical roles/permisssions, then there is nothing to stop you doing so. You can just implement an appropriate mapping in your AuthenticationProvider or UserDetailsService. This is a common requirement.
Secondly, please check the changelog before creating new issues. The functionality you are talking about was implemented in RC1 for SEC-525.
This issue duplicates #787