-
|
I post this question to know the difference between these 2 annotations. When i submit a valid token with realm_access.roles = ['user'], only the |
Beta Was this translation helpful? Give feedback.
Answered by
ch4mpy
Jan 30, 2023
Replies: 1 comment 1 reply
-
|
"Roles" in spring-security world are "authorities" with Those 3 are the same:
If the roles are not prefixed with
|
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Thanks for your answer |
Beta Was this translation helpful? Give feedback.
Answer selected by
kkhanhluu
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
"Roles" in spring-security world are "authorities" with
ROLE_prefix.Those 3 are the same:
@PreAuthorize("hasAuthority('ROLE_user')")@PreAuthorize("hasRole('user')")@RolesAllowed("user")If the roles are not prefixed with
ROLE_in access-token, either:hasAuthorityROLE_prefix (this can be done from properties or yaml file if you use my starters and kept default authorities mapper).