Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1491: Add support for Enum in Secured Annotation #1730

spring-issuemaster opened this Issue Jun 1, 2010 · 4 comments


None yet
1 participant

Luke Taylor (Migrated from SEC-1491) said:

In an RBAC style application, with operations protected by specific "rights" rather than roles, it makes sense to define these rights using an enum. The Secured annotation should support an additional attribute which directly provides a collection of ConfigAttributes that are required, in addition to the current approach of using Strings. The Enum should implement ConfigAttribute, and also potentially GrantedAuthority, to provide efficient lookup in a custom voter which takes into account the use of an authority set (or EnumSet) to store the current user's authorities.

SecuredAnnotationSecurityMetadataSource needs to be altered to support the extra attribute on the annotation.

Luke Taylor said:

This isn't actually possible, since ConfigAttribute[] isn't a valid annotation member type. An annotation can use an Enum as the type, but the Enum in this case will be defined by the user.

An alternative may be to allow a custom annotation, so the user defines the annotation and Enum:

@interface MySecurityAnnotation {
SecurityEnum[] value();

and then configures Spring Security to advise methods based on this attribute rather than the standard "@secured".

Luke Taylor said:

Added a separate parametrized strategy to SecuredAnnotationSecurityMetadataSource to allow use of a custom annotation, potentially with an enum as the value.

Luke Taylor said:

The AnnotationMetadataExtractor strategy combined with the ability to use an external SecurityMetadataSource (which takes priority) should make it simple enough to add support for custom annotations, including those which use enum values.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC2 milestone Feb 5, 2016

This issue depends on #1943

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment