Being new to spring security annotations, I am not able to understand the real difference between the below two lines. Does it mean that hasRole implicitly checks for authentication?
- @PreAuthorize("isFullyAuthenticated() and hasRole('activateUser')")
+ @PreAuthorize("hasRole('activateUser')")
void activateUser(String username);
As per spring documentation,
isFullyAuthenticated() Returns true if the user is not an anonymous or a remember-me user
Aucun commentaire:
Enregistrer un commentaire