SpringParadigm

I this post, I am going to discuss about some issues that I faced while configuring method level security with Annotation like @PreAuthorize, @PostAuthorize etc. The scenario is that I am trying to secure the calls to my controller methods through Annotation Based Method level security of Spring Security module. One of the parameters of the @PreAuthorize is the method parameter of Spring controller which I am passing with the help of Expression language and the parameter is being confugured through WebArgumentResolver of Spring as discussed in my previous post. @PreAuthorize("hasPriviledge( #dataInj, 'TxnClm5013','read')") @RequestMapping(value="/SecureMethodNew" , method=RequestMethod.GET) public ModelAndView secureMethodNew(HttpServletRequest request,@DataInject("dataInject") String dataInject123, @DataInjectNew DataInjectObject dataInj ) throws Exception { I am going to discuss my discussion into two sections:

Recently I came across Argument Resolver in Spring. It has got two versions: 1) Spring 3.2 &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp2) Spring 4.0 The scenario was such that for every handler method, I need a particular Object in every method. So, with the help of Spring Argument Resolver Architecture, I annotate that Particular Type with a Custom annotation for identifying that Particular Type and populating it. Without annotation By inspecting Only the type of the Parameter too, this end could be achieved. The configuration is as follows: Spring 3.2: &ltbean class="org.springframework.web.servlet.mvc.annotation