Java Technology

Spring Security – Access Denied SpEL Changes

If you use Spring Security to lock down a web application and you use the hasAnyRole or hasAnyAuthority you are likely using a comma separated list of roles or authorities. If you upgrade to Spring Framework 5.3.13 or higher your roles will not parse correctly if the entire comma separated list is contained in single […]