|
|
@@ -19,7 +19,7 @@ This improves upon `@EnableReactiveMethodSecurity` in a number of ways. `@Enable
|
|
|
|
|
|
1. Uses the simplified `AuthorizationManager` API instead of metadata sources, config attributes, decision managers, and voters.
|
|
|
This simplifies reuse and customization.
|
|
|
-2. Supports reactive return types. Note that we are waiting on https://github.com/spring-projects/spring-framework/issues/22462[additional coroutine support from the Spring Framework] before adding coroutine support.
|
|
|
+2. Supports reactive return types including Kotlin coroutines.
|
|
|
3. Is built using native Spring AOP, removing abstractions and allowing you to use Spring AOP building blocks to customize
|
|
|
4. Checks for conflicting annotations to ensure an unambiguous security configuration
|
|
|
5. Complies with JSR-250
|
|
|
@@ -304,13 +304,6 @@ and it will be invoked after the `@PostAuthorize` interceptor.
|
|
|
|
|
|
== EnableReactiveMethodSecurity
|
|
|
|
|
|
-[WARNING]
|
|
|
-====
|
|
|
-`@EnableReactiveMethodSecurity` also supports Kotlin coroutines, though only to a limited degree.
|
|
|
-When intercepting coroutines, only the first interceptor participates.
|
|
|
-If any other interceptors are present and come after Spring Security's method security interceptor, https://github.com/spring-projects/spring-framework/issues/22462[they will be skipped].
|
|
|
-====
|
|
|
-
|
|
|
[tabs]
|
|
|
======
|
|
|
Java::
|
Sarvajith Adyanthaya