Do you think it's worth trying from your professional point of view? I think it should be a patch for spring security if it's not possible out-of-the box as far as I can say by now.
On Fri, Sep 19, 2008 at 8:00 AM, Matt Raible <[EMAIL PROTECTED]> wrote: > I believe it is possible, but I've never done it myself. If it's not > available out-of-the-box, I'm sure you could add it. > > Matt > > On Thu, Sep 18, 2008 at 6:07 PM, Michael Duergner > <[EMAIL PROTECTED]> wrote: > > Hi all, > > I was wondering if there is already a way to define web level security by > > using annotations when using Spring Security. What I'd like to do is to > move > > the rule inside the <http> Container in security.xml into the Controller > > Classes by using annotations. As it's possible for method level security > it > > should be possible for web level security also or is there a problem I > don't > > see. > > I think it would make the application much easier to manage, as > security.xml > > would only hold basic configuration (and maybe a default security policy > > e.g. require ROLE_USER by default for every page unless otherwise > specified > > by annotations). > > -- > > Michael Dürgner > > > -- Michael Dürgner
