Authorization in Spring Security: permissions, roles and beyond

Spring Security is the de facto standard for securing Spring Boot apps, covering everything from basic hasRole(...) checks to complex, multi-phase authorization flows. You’ll learn how to correctly architect login-time user info extraction, policy decision vs. policy enforcement points, and the coding strategies needed to make rock-solid authorization decisions.

In this follow-up to last year’s Deep Dive, Daniel Garnier Moiroux walks you through live-coded examples, access control patterns, and real-world tradeoffs between different authorization mechanisms—arming you with practical advice for any Spring Security use-case.

Watch on YouTube