Spring Tips: Spring Security method security with special guest Rob Winch
ฝัง
- เผยแพร่เมื่อ 21 ต.ค. 2024
- Hi, Spring fans! In this installment I have special guest Spring Security lead Rob Winch give us a master class in how the method security support works and some of its new features. Come for the security, stay for the incredible opportunity to look over a senior engineer's shoulders as he explains the nuances of API design!
#springboot #springsecurity #springframework #java #security #apidevelopment #softwaredevelopment #architecture
In the first part, I was like..what is going on... I was just keep telling.. don't comment, until you watch the whole video, give Rob a chance, don't comment, because if that would not work, Josh wouldn't have uploaded, not using record or lombok is probably just because to keep it simple, etc.. but end of the day, it was a nice save. HandleAuthorizationDenied is a very cool 6.3.1 feature.
😍😍😍
i wonder if this works well with reactive, I did play with these annotation and SpEL before but decided for method level authorization to call inside the service something like AuthorizationManager or AuthorizationRoleHandler and have all my logic regarding authorization handled in those classes just for more cohesion and because I don't really like how scattered these annotation and rules are across the classes like your model entities and services but I do like this approach just wondering if something can be done to make this approach more centralized?
Loved it
super informative🫡