Michael Osipov (Migrated from SEC-2080) said:
For now, Spring Sec supports role-based or pass-all-or-nothing access checks.
Checks like is(String username), isAny(String... username), isPrincipal, isAnyPrincipal would cover other useful cases.
In may env there are only roles for the prod system but not the test system or an authz system where the developer has no write access to, like Active Directory. Quick setups like access="is('michael-o@jira')" would ease this issue.
Michael Osipov (Migrated from SEC-2080) said:
For now, Spring Sec supports role-based or pass-all-or-nothing access checks.
Checks like is(String username), isAny(String... username), isPrincipal, isAnyPrincipal would cover other useful cases.
In may env there are only roles for the prod system but not the test system or an authz system where the developer has no write access to, like Active Directory. Quick setups like access="is('michael-o@jira')" would ease this issue.