spring security authorize ifAllGranted documentation

I'm just interested in the available attributes in spring-security:authorize tag.

In our project, we used to use tag like this:

<security:authorize ifAllGranted="ROLE_ADMIN">

for the access to different part of one JSP.

However, I read from somewhere that ifAllGranted is already deprecated.

So I used SpEL for different access levels.

But I'm still interested about finding documentations about these deprecated attributes in authorize tag to know how it works, and I just can't find it someone could help?

Solution

Check the tag library sources those state what should be considered deprecated and what not. But in general the static access control stuff is deprecated in favor of SpEL expression which allow for a more powerful and flexible way of securing objects.

by – M. Deinum Aug 28 at 10:43

Load Multiple CSV files into database using Spring Batch
Spring Boot i18n resolution
How to configure Azure Application Insight for a Java Spring Boot in a Pod in Azure AKS
Spring @Async with CompletableFuture
Authentication for many user types in spring boot project
Possible to access HealthIndicator methods as endpoints?
org.springframework.dao.OptimisticLockingFailureException: Attempt to update step execution id=1 with wrong version (2), where current version is 3
Issue: FileNotFoundException for AppConfig.xml in Spring Project
Custom Spring annotation for request parameters
Spring Boot Upload Multipart 413 Request Entity Too Large
Spring Batch - Deleting metadata post job completion throws error - Incorrect result size: expected 1, actual 0
How to prevent spring boot from auto creating instance of bean 'entityManagerFactory' at startup?
Spring Integration webflux fails for every other calls
Spring @ExceptionHandler handling multiple kinds of exceptions
Configuring Hazelcast via Spring Boot application.yml
Failed to configure a DataSource: 'url' attribute is not specified and no embedded datasource could be configured
Programmatically restart Spring Boot application / Refresh Spring Context
Generating JWT token with JwtUtil class in Spring Boot resulting in NullPointerException
How can I get an ObjectMapper instance in Spring Boot without inheriting from spring-boot-starter-web?
How to query elasticsearch from spring with LocalDate
After Spring Boot 3 update: Manually authenticating user not working
Multiple user details services for different endpoints
openapi-generator generates correct code, but incorrect documentation annotations in Spring Boot project
Spring Boot redirection back to login page
Customize Global Exception Handler in java Spring Boot
Spring Boot Page Deserialization - PageImpl No constructor
Exclude specific resource page(s) from Cross-Origin-Resource-Policy same-origin header in Spring WebSecurityConfigurerAdapter
Custom @ControllerAdvice in Spring for exception handling
Spring @Controller exception handler and global exception handler. How to invoke both
How to handle MethodArgumentTypeMismatchException and set a custom error message in spring boot?