1.@Secured
(1)在配置类开启注解使用
@EnableGlobalMethodSecurity(securedEnabled = true)
(2)将@Secured注解放到权限方法的上方,使用@Secured注解,权限名必须以ROLE_开头
@Secured("ROLE_/reportform/find") @GetMapping("/reportform/find") public String findReportForm(){ return "查询报表"; }
2.@PreAuthorize
(1)在配置类开启这个注解的使用
@EnableGlobalMethodSecurity(prePostEnabled = true)
(2)在方法上方添加这个注解
@PreAuthorize("hasAnyAuthority('/salary/find')") @GetMapping("/salary/find") public String findSalary(){ return "查询工资"; }