As a developer of the REST API, I would like to protect REST API endpoints or parts of my code by SAF resources.
[x] API to do authorization checks
[x] Check that the application has required permissions for authentication at startup
[x] Authorization implementation using the Java SAF APIs (DATASET resource class is not in the scope of this story)
[x] Integration with Spring Security
See https://www.baeldung.com/spring-security-create-new-custom-security-expression - 5. A New Security Expression - implement new methods hasSafResourceAccess (absolute class resource name) and hasSafServiceResourceAccess (relative to the user-configurable resource class and resource name prefix for the service)
As a developer of the REST API, I would like to protect REST API endpoints or parts of my code by SAF resources.
DATASET
resource class is not in the scope of this story)hasSafResourceAccess
(absolute class resource name) andhasSafServiceResourceAccess
(relative to the user-configurable resource class and resource name prefix for the service)