I am using Spring 5 security to my project. the Haspermission is evaluating (working) when it placed in controller layer. but if its moved to service layer its not working. Can somebody help me out that is there any configuration need to be changes.
Note: But the same is working in spring 3
Below is the config in security context.
<security:global-method-security pre-post-annotations="enabled" jsr250-annotations="enabled" secured-annotations="enabled" access-decision-manager-ref="accessDecisionManager" > <security:expression-handler ref="expressionHandler" /> </security:global-method-security>
<bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
<property name="permissionEvaluator" ref="MyPermissionEvaluator" />
<property name="defaultRolePrefix" value=""></property>
</bean>
<bean id="MyPermissionEvaluator" class="org.***.***.**.security.MyPermissionEvaluator" />
<security:http entry-point-ref="authenticationEntryPoint" create-session="stateless" use-expressions="true"> <security:intercept-url pattern="/**" method="OPTIONS" requires-channel="any" access="permitAll" />
<security:intercept-url pattern="/**" requires-channel="any" access="isAuthenticated()" />
<security:custom-filter position="PRE_AUTH_FILTER" ref="openssoFilter" />
<security:csrf disabled="true" />
</security:http>
Thanks in advance.
Need Spring 5 security haspermission to work on service layer.