mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-10-25 19:58:48 +00:00
25 lines
1.0 KiB
Plaintext
25 lines
1.0 KiB
Plaintext
|
= Authorization Changes
|
||
|
|
|
||
|
|
The following sections relate to how to adapt to changes in the authorization support.
|
||
|
|
|
||
|
|
== Method Security
|
||
|
|
|
||
|
|
[[compile-with-parameters]]
|
||
|
|
=== Compile With `-parameters`
|
||
|
|
|
||
|
|
Spring Framework 6.1 https://github.com/spring-projects/spring-framework/issues/29559[removes LocalVariableTableParameterNameDiscoverer].
|
||
|
|
This affects how `@PreAuthorize` and other xref:servlet/authorization/method-security.adoc[method security] annotations will process parameter names.
|
||
|
|
If you are using method security annotations with parameter names, for example:
|
||
|
|
|
||
|
|
[source,java]
|
||
|
|
.Method security annotation using `id` parameter name
|
||
|
|
----
|
||
|
|
@PreAuthorize("@authz.checkPermission(#id, authentication)")
|
||
|
|
public void doSomething(Long id) {
|
||
|
|
// ...
|
||
|
|
}
|
||
|
|
----
|
||
|
|
|
||
|
|
You must compile with `-parameters` to ensure that the parameter names are available at runtime.
|
||
|
|
For more information about this, please visit the https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x#core-container[Upgrading to Spring Framework 6.1 page].
|