0

I'm using Spring Security and @PreAuthorize to secure methods. I want to do something like:

Controller:

@PreAuthorize(SampleStaticClass.STATIC_FINAL_FIELD)
void someMethod() {}

Service:

// SampleStaticClass
public static final String STATIC_FINAL_FIELD = someService().getThisFieldFromDatabase();

but this requires constant expression. Any solutions ?

kryger
  • 12,906
  • 8
  • 44
  • 65
voncount
  • 1
  • 3

1 Answers1

0

You can either (a) add mapping between hardcoded values and stored in DB or (b) take solution from this thread:

@PreAuthorize("@mySecurityService.hasCustomPermission()")
some method() {}

Of course I prefer the first one as it is simpler to implement and support.

Community
  • 1
  • 1
ursa
  • 4,404
  • 1
  • 24
  • 38