Spring注解配置看起来像是开销
我刚刚面临,为了使用 Spring Security 的特定注释,
我应该在我的配置(applicationContext.xml)中明确允许它们
示例:
<sec:global-method-security secured-annotations="enabled" />
<sec:global-method-security jsr250-annotations="enabled" />
...
您认为在我们的框架应用程序中显式声明哪些注释
的方法有什么优点?
看起来像是过度配置,不是吗?
I just faced,that in order to use specific annotations for Spring Security,
I should explicitely allow them in my config(applicationContext.xml)
Example:
<sec:global-method-security secured-annotations="enabled" />
<sec:global-method-security jsr250-annotations="enabled" />
...
What advantages do you see in approach of explicitely declare what annotations
are allowed in our frameworked application?
Looks like overconfiguration,isn't it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
一个可能的好处是,当类路径中不存在所需的注释时,它允许 Spring Security 抛出异常(尽管它主要与 JSR-250 注释有关,因为其他注释是 Spring Security 本身的一部分)。
否则 Spring Security 将不得不默默地忽略注释的缺失,这可能会导致令人惊讶的行为。
One possible benefit is that it allows Spring Security to throw an exception when desired annotations are not present in the classpath (though it's mostly about JSR-250 annotations, since other annotations are parts of Spring Security itself).
Otherwise Spring Security would have to silently ignore absence of annotations, that may lead to surprising behaviour.