The Big Idea
What if you could lock your app's doors with just a simple tag on your code?
0
0
Why @Secured annotation in Spring Boot? - Purpose & Use Cases
The Scenario
Imagine building a web app where you must check user roles manually before allowing access to each page or function.
You write many if-else checks scattered everywhere in your code.
The Problem
Manually checking roles everywhere makes your code messy and hard to maintain.
It's easy to forget a check, causing security holes.
Changing roles means hunting through all your code to update conditions.
The Solution
The @Secured annotation lets you declare access rules right on methods or classes.
Spring Security automatically enforces these rules, keeping your code clean and secure.
Before vs After
✗ Before
if(user.hasRole("ADMIN")) { performAdminTask(); } else { denyAccess(); }
✓ After
@Secured("ROLE_ADMIN")
public void performAdminTask() { ... }What It Enables
You can easily protect parts of your app by simply adding annotations, making security clear and centralized.
Real Life Example
In an online store, only users with the ADMIN role can add or remove products, enforced by @Secured on those methods.
Key Takeaways
Manual role checks clutter code and risk mistakes.
@Secured centralizes security rules on methods or classes.
It makes your app safer and easier to maintain.