Chris Beams (Migrated from SEC-1284) said:
Expected: <sec:global-method-security/> should expose a proxy-target-class attribute, following suit with <tx:annotation-driven/>, <aop:config/>, etc.
Actual: It does not expose this attribute, and so users are forced to work around the namespace and drop down to low-level bean defs if they need to influence the proxy creation strategy.
Luke Taylor said:
The only requirement here is that the namespace schema supports the attribute. AopNamespaceUtils.registerAutoProxyCreatorIfNecessary(), which is called by GlobalMethodSecurityBDP, will check for the attribute on the source element and do the necessary work. So no Java code-level changes are necessary.
This issue is related to https://jira.spring.io/browse/SWS-551