0
0
Spring Bootframework~5 mins

@Secured annotation in Spring Boot - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Recall & Review
beginner
What is the purpose of the @Secured annotation in Spring Boot?
The @Secured annotation is used to specify security roles that are allowed to access a method or class. It restricts access based on user roles.
Click to reveal answer
beginner
How do you specify multiple roles with @Secured?
You provide an array of role names inside @Secured, like @Secured({"ROLE_ADMIN", "ROLE_USER"}). The method is accessible if the user has any one of these roles.
Click to reveal answer
beginner
Where can you place the @Secured annotation in your code?
You can place @Secured on methods or on classes. When placed on a class, it applies to all methods inside that class.
Click to reveal answer
intermediate
What must be enabled in Spring Security configuration to use @Secured annotations?
You must enable method security by adding @EnableMethodSecurity(securedEnabled = true) in your configuration class.
Click to reveal answer
intermediate
What happens if a user without the required role tries to access a method annotated with @Secured?
Spring Security will deny access and throw an AccessDeniedException, usually resulting in a 403 Forbidden HTTP response.
Click to reveal answer
What does @Secured({"ROLE_ADMIN"}) mean?
AOnly users with ROLE_ADMIN can access the method
BAll users can access the method
CUsers with any role can access the method
DIt disables security for the method
Where do you enable support for @Secured annotations in Spring Boot?
AIn the controller class only
BIn the application.properties file
CNo configuration needed
DIn the main application class with <code>@EnableMethodSecurity(securedEnabled = true)</code>
If @Secured is placed on a class, what happens?
AIt applies only to methods with <code>@RequestMapping</code>
BIt applies to all methods in the class
CIt applies only to the constructor
DIt has no effect
Can @Secured accept multiple roles?
AYes, but only comma-separated string
BNo, only one role is allowed
CYes, as an array of role names
DNo, roles are defined elsewhere
What exception is thrown if access is denied by @Secured?
AAccessDeniedException
BNullPointerException
CIllegalArgumentException
DAuthenticationException
Explain how the @Secured annotation controls access in a Spring Boot application.
Think about who can use the method and what happens if they can't.
You got /4 concepts.
    Describe the steps to secure a method using @Secured in Spring Boot.
    Consider configuration and annotation placement.
    You got /4 concepts.