Deploying policies

Assume the application you want to secure relies on Spring Security.

Use Method-Level Security

Method-level security is used to restrict access at the controller, service or repository layer.

Use @PreAuthorize or @PostAuthorize annotations to apply authorization checks on method calls. These annotations support SpEL (Spring Expression Language) for complex conditions.

@Service
public class ReportService {

    @PreAuthorize("hasPermission(#reportId, 'REPORT', 'READ')")
    public Report getReportById(Long reportId) {
        // Method logic here
    }

    @PreAuthorize("hasPermission(#report.id, 'REPORT', 'UPDATE')")
    public void updateReport(Report report) {
        // Logic for updating the report
    }
    
}

Configure Big ACL Connector

Big ACL provides a connector for Spring Security and Spring Security ACL

Including the dependency in your project

    <dependency>
      <groupId>com.bigacl</groupId>
      <artifactId>spring-security</artifactId>
    </dependency>