Package org.springframework.security.config.annotation.method.configuration

Annotation Type EnableGlobalMethodSecurity

  • @Retention(RUNTIME)
@Target(TYPE)
@Documented
@Import(org.springframework.security.config.annotation.method.configuration.GlobalMethodSecuritySelector.class)
@EnableGlobalAuthentication
@Configuration
public @interface EnableGlobalMethodSecurity

    Enables Spring Security global method security similar to the <global-method-security> xml support.

    More advanced configurations may wish to extend GlobalMethodSecurityConfiguration and override the protected methods to provide custom implementations. Note that EnableGlobalMethodSecurity still must be included on the class extending GlobalMethodSecurityConfiguration to determine the settings.

    Since:
    3.2

    • Optional Element Summary

      Optional Elements 
      Modifier and Type Optional Element Description
      boolean jsr250Enabled
      Determines if JSR-250 annotations should be enabled.
      org.springframework.context.annotation.AdviceMode mode
      Indicate how security advice should be applied.
      int order
      Indicate the ordering of the execution of the security advisor when multiple advices are applied at a specific joinpoint.
      boolean prePostEnabled
      Determines if Spring Security's pre post annotations should be enabled.
      boolean proxyTargetClass
      Indicate whether subclass-based (CGLIB) proxies are to be created (true) as opposed to standard Java interface-based proxies (false).
      boolean securedEnabled
      Determines if Spring Security's Secured annotations should be enabled.

    • Element Detail

      • prePostEnabled

        boolean prePostEnabled
        Determines if Spring Security's pre post annotations should be enabled. Default is false.
        Returns:
        true if pre post annotations should be enabled false otherwise.
        Default:
        false

      • securedEnabled

        boolean securedEnabled
        Determines if Spring Security's Secured annotations should be enabled.
        Returns:
        true if Secured annotations should be enabled false otherwise. Default is false.
        Default:
        false

      • jsr250Enabled

        boolean jsr250Enabled
        Determines if JSR-250 annotations should be enabled. Default is false.
        Returns:
        true if JSR-250 should be enabled false otherwise.
        Default:
        false

      • proxyTargetClass

        boolean proxyTargetClass
        Indicate whether subclass-based (CGLIB) proxies are to be created (true) as opposed to standard Java interface-based proxies (false). The default is false. Applicable only if mode() is set to AdviceMode.PROXY.

        Note that setting this attribute to true will affect all Spring-managed beans requiring proxying, not just those marked with the Security annotations. For example, other beans marked with Spring's @Transactional annotation will be upgraded to subclass proxying at the same time. This approach has no negative impact in practice unless one is explicitly expecting one type of proxy vs another, e.g. in tests.

        Returns:
        true if CGILIB proxies should be created instead of interface based proxies, else false
        Default:
        false

      • mode

        org.springframework.context.annotation.AdviceMode mode
        Indicate how security advice should be applied. The default is AdviceMode.PROXY.
        Returns:
        the AdviceMode to use
        See Also:
        AdviceMode
        Default:
        org.springframework.context.annotation.AdviceMode.PROXY

      • order

        int order
        Indicate the ordering of the execution of the security advisor when multiple advices are applied at a specific joinpoint. The default is Ordered.LOWEST_PRECEDENCE.
        Returns:
        the order the security advisor should be applied
        Default:
        2147483647