Open
Description
There are times that users cannot add annotations to objects or APIs that they want to secure. For example, consider if an team external provides a PersonService
and team internal wants to add security to it. At the moment, the security must be done by adding intercept-methods style configuration.
A similar situation occurs when using Collections of objects. In this case, Spring Security provides custom Filtering. This could potentially be used to replace the @PreFilter
and @PostFilter
support.
I think that these situations are very similar and can be combined into an approach similar to Jackson's MixIn Approach.
Metadata
Metadata
Assignees
Labels
No labels