Spring Security customization (Part 1 - Customizing UserDetails or extending GrantedAuthority)
This is the first part of what I hope will become a multipart series of small posts showing practical examples around Spring Security customization. The requirements for these customizations are not imaginary and all came from the field. . .
Assume you have the following requirement. You have a list of roles where each role contains list of business functions applicable to this role (see below):
ROLE_ADMIN BF_QUOTE_CREATE BF_POLICY_CREATE BF_POLICY_DELETE
ROLE_AGENT BF_QUOTE_CREATE BF_POLICY_CREATE
The trick is to be able to make authorization…